From 166859b9447a0f047307e654dd41475f6d8ae00c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=D0=BD=D0=B0=D0=B1=20autouploader?=
 <nabijaczleweli/autouploader@nabijaczleweli.xyz>
Date: Fri, 1 Mar 2024 12:15:16 +0000
Subject: [PATCH] Manpage update by job 1160052

---
 tzpfms.pdf                  | Bin 65830 -> 81311 bytes
 tzpfms.ps                   | 890 +++++++++++++++++++++++++-----------
 zfs-fido2-add-backup.8      | 125 +++++
 zfs-fido2-add-backup.8.html | 153 +++++++
 zfs-fido2-change-key.8      | 186 ++++++++
 zfs-fido2-change-key.8.html | 206 +++++++++
 zfs-fido2-clear-key.8       | 113 +++++
 zfs-fido2-clear-key.8.html  | 143 ++++++
 zfs-fido2-load-key.8        |  98 ++++
 zfs-fido2-load-key.8.html   | 117 +++++
 10 files changed, 1766 insertions(+), 265 deletions(-)
 create mode 100644 zfs-fido2-add-backup.8
 create mode 100644 zfs-fido2-add-backup.8.html
 create mode 100644 zfs-fido2-change-key.8
 create mode 100644 zfs-fido2-change-key.8.html
 create mode 100644 zfs-fido2-clear-key.8
 create mode 100644 zfs-fido2-clear-key.8.html
 create mode 100644 zfs-fido2-load-key.8
 create mode 100644 zfs-fido2-load-key.8.html

diff --git a/tzpfms.pdf b/tzpfms.pdf
index 27c002042bfbe5c3dcf56997cd6401d1467f3a8f..173e61f3413a64e9e0cfffb2aa76b220b5be6643 100644
GIT binary patch
delta 58918
zcmZUaQ+U`x*X`rRR%6>X8{1}M+sQw+(Wr6K*tYG)wrwY;-#O>~Zr-bzXP&v3t3AK9
z_S$~}A#&azYT!VD6s<L<HF4C+j#Jt{x}_{F<k3t)?N6qrQB5hDb?PP^jR{S<L|o`7
z0U$w9WUsDU%AYA8!x!1T+u}5CW2H{AhGt%E3ONEB&smzuC~#kFz;GsM)H?o$-@tx#
z;S23%{L)=Pk~JZaRvkM(9{v3LIZrMqeu7hCsM_BAaP1DLk6Y*C=VdieIPAtx$8;Ux
z6M(fjUBzU`WQ>cR<9wdz`!?}M9vSL1pr5+lh6Uhb@%ubDU4*uyG-;xxt?hkE$55O)
zH;ap+in{!9gPP-Tx~uOdWQ!R(33njo9xmgVtI#ZZs-;VSYU-MtD9D`2EpR~m6}nPc
zJE<IN|63Obi>a3l>rI#-|8p_A#Hi5ji#K-RmJ>xSz}0G2p*8mXVOBHA@ue?S&9W-d
zbZXL~l?_YD$H3kj@fb3EPr+(QF#nP(E_B1uGUEx86|Telq+LMV7dO3_Q1iG2mvp?m
zkt*B;S1S_6z0~xj=_Y<4P?fv1o-OWbw$bFfni4foHVPaHK4gIf<P!&Fda}h+PJQ~m
z+*r8@;I@MJJXWstuRR8Mp9LM@ZnWBg*t-m8%bD9(O;;Zt5i%}hetz~AmrJ8hN>w4s
z3Gq+QhF{7?Eh)KCPI%Yi+6}i9Z9*z|#s=qrJu9P2f#dx#JXcIz<B>!HBYd5Iu<^kL
zOY8@FX0fY7C3l70L&pjliJpQsK$Y`MSwFHjIw;*t7A^;O4h(_n4x$7^N-c~RsLvG=
z5H$3<L9@yokdQqkCOO`Fs-IKt!S^7E<d4yE4Ww|w12g6f2(IfnKfDtHn(d-nss>PZ
zs42FqnD)DFR3qU1v?<9y2~1J{$cYn)bp8Sq+_a9)77K9;HtC2^ZZQJj$kY<ed#HGb
z`-Hsm3Y|32xS*jc`U&30HL`s((M?_9&7f~Jf2`RiZp8Fqa?Lvh4mD%C`bvb+D{-H{
zA^e=}u{6?htMb1`)Z?AUy*3LfE(<rlmsU-rW8_fExE!ft=m|vG{_dc^?d9#SaAyH{
zf?WO@3i#35p#$X+0auHzmGYysBik0dAM}9J!%%2)j3IoOLK~K8Tvj~{0hS27b@<B*
zYLhM9-5LauNq(I<+qkyU1VrB^$^;Fg9Sd7L8uw=pwy?8fgW{m9vL3`XXzFN)Cxx^t
zHKJNjV@1s9KFzA`(Fy9$a)15A5@ZAb6Fe*c!Ll=0ab&&^Uj_x^=GE=iy>1GFi9T~R
z7V346=^J)|yu>!rYhHaSv_FJtypoXaD>RIVM87Zn&`sFx#KY{F9C~JvzlFLer8jbN
z&%&U{7G8h4iQ-5Bd8tfDQ+RTFOer3e()9)+L{+)E?GH6FX6~#h*-Nj(c1|n+xxQ8l
zbDrM!<fOQK+J35fQ=wW;ldYkGd{U>Mas1v547z2DRDax*XGZuZ<bGNQnMv*$hg!qk
zk4+h7WXMYJb{!MPTI-qzS*I{OMc3<X(`N2)Tyx;A5ZMuu`Ylb>8kO3<jkvLYF-vZc
z0i+D1{7wN4stB&ekV;+I<bDSjNs~dWh^qLZLdp0h@AlDDCUDU;L#IvFEq0Tt$`{Gz
zsph*<#X)Y1iU>KQ8S|{){z-gV%X+p@M-qWq3X-P!Qc{w+UP}$Pmaimk$&M-Qm8wzD
zm{HBM$vizR9`&*PhGl;ymN5`EBG&E0ipezJRQU_xgjIq{oC!&H@-7>wmH!j7;Z(f2
zJ8ieByj`!cv1Q`3XUBS_;|E?7GyOFLo0llofC2f8iN_?Qf?M^aD6PZvFcV2rP<$PF
zeXf)u>bqvo5~-4`%c4SrkW02$hZ?v!N=wvctNKHee6FyfX88;jDMfTKAY`n_Unz>+
zy?5gvRy>Pd1sT+&ifaLYeD%k>m_j(vF@Rg=34*7pJ*5}>jx`E4C0mDbkUk@2G~LLU
z-zDl37?br}Xrj(2edCQ#`-=tbRyK*+LHUjblcU7R6!FgpDkR-+NsobJGPJ;7q8nfW
z{9meLiBv3N=X9#LkEJ6PB(j*6T~sH>c45JT<DzYS`M+2cH13>$te;}^GD^Ad{ks`K
zN2Vn>wUmR{x?ugQ^KOKZ*+=d=w@po%na7-p9iE_IS?{25O}Xd^?atqklHLMzc?wsc
zuqO~Om{>}Yj8>TO$`Yg4U@@=0*(rv)sNwxEUZW}}sX91ToG^n~heNlrz@=T#JK;eI
z)`ncq{j|T29-?yw_)KxOZFIs>cO{1>zq{j!weW=fNzIw6p2eK8Hd_11ISPaL=HbcQ
z`5P_$iUIHM?iyF8fS~V(FxDPoKf|d~Gx*K>Qh760{j^4L{mR1I+1$$g-P=i6`N;$F
zNC&NTZrH*~^^H}X=Z>M>b`#E$lWI)#Df++zW^Sz>)=UQ#u+a#aLhjho*9GOToXZ31
zu%C`<fbouvA(ObY&{VZgD;4^sp?-ZTF1!?K^Qgn@(6uVF&=b0u^D$`6LYe!^&LVd?
ztTM815srS8h`RS(k5pEqI=#-{&5-ADcyypvWTvV~iQf%+he*Z8&OMWslY;0cXo^@?
zLKqp&1~^#=FumHeYm#6>xyQ1^6fLKev=@4i@y<x_Fh4`oMh}#WATjKgWQs>X>{w<t
zd^5x)$@kcR+pWb+hV8(7z$+a;0@^{T>j?!g*!Jz<FSQGGB&}8XBCKFY4Iv$@){xIR
zJoOT*OaDGAH-K>@mXS&N<a+0EB}a;Kol?pW#;!d9ljjc^b;I!vq%&^h)OAverUwNu
z-P?oeZ77iH*Q!g1(bYQmnPqi#L6Lt)MG3tYX5*pYBO+l0U~KKy7jSEIjla~AuJC1B
z2c)9@60ShUA&BB=gfM9=Q>dqLe@CWMda{AAn1dxx_k!`jW-1zz-O%HbCP5HfkmV<M
z8bUe-s{MwM5W&C7vxQABxW>605U-MF;@-dC6-VId<VASJCWzr$Y|Pt}U>uVoB)%*_
zYEkC*P*e=}<0-Dgrf=-_sP-UZuL$&>e?Rxco?bM3tLfz&imJe^;_ni&7}0`!FLp?d
z=p6_Yg|R;Jj$7-J`LJVK6)pa~$4{}nDTZSTJpJVTK0tH4d?s<E#aqxG!IFfllqe;W
zbZWZAMWx=snSFtya17p2lT|m?#W_WMk_>(zR_>~bP<QITVFu!aZNG(E!?cx(%tKiC
z!GdMFC>zV~Lkgt?V@+?XyFf_%5{uRF<Rb#=L7UVOyrKLz8kvYsK@u?ys=x{dYX0gK
zup0VEKzeY2i&l$>*+W&Nl5$BsAP=V_0oPw#<{URlu@GnPv|&mh?qm2yr^n>dPCo}X
z*0xX=3=j8fm@OrVQ(E=KNpUH7$6p#1x<6Peve>^B=NVzhlp&}A+O_QBRy2Zm4k^54
zf|dPJnX|`5c%^*=P7<33XT>RWZ<?V3$U0Y?lVIB%U?#{tJk!&Y+)S7hEyuKrw&bW)
zqIZNkC{%P?`-l<|Xp31-A-g8>1)a26bHz<KRT_8vW#|n{-Y$p6c6PUN|G;=9jvvPB
zK;w^!4Ndcd!ad~B_y!}Gu_S#kSO-@10snZQo!12!y)=LUMGTZ#(bZO=7xDuUIF^ku
z&s%K1%e!n-hWjPtTkED{?m*S;<Wls#Ft*y}3oG_6S0<XK)OMC>r6(G<VAvJRw7sHP
z2f8wYF4_vI*`ecc!mu=Dke?DP#^tBrjf=-})E}?0d1(`J%zTRP#{(|DLMGTHGP&@>
zyvN_^<J$*AErXk_apBg#dB@Nn0x4F^`#(IHBAvJW^TM|{Z-zjW^cS}YPS{SWJGoex
zTzf2dY*>j+6gd74la4FFG}es$qy|;hf)dcvSZMNbb*jVrezlXDYmaST$jxLa<^Dht
z;f!;XnRNI&sq?;3*Ne&9Tw{*&sF-l%{o~|dx_&6s5c}ei7QRA7V@&F54M<ja***hd
zy4~Yh@+U2Ci%({4GY&7HJoCN`M-(lE8T^({xMZo?fdeQ7zP;$te_e%dK2Re^mOrd`
z(7zqFotU9uJejC3jFT~b-M-@P6_*U;KWVRTfrsECH}c2(hG8IKy*QP22R720ewAAu
zdU-u4u}2_Y3?0bT937=z0pag0R^G{B*_+R)?giYHFy-Jro65~YmMM(R+L&m~mNh4B
zJTG~fVq+YF4*1|<iInAxqgGmnKbtIvvjpM8(kQK@?~(AXlO3SX`8^{LQm$@@Nm`3`
z9M^G8!L}L-+~cGA8NIlQaSi1zy|=wL>zYZ~lrP+QL=*D*YgC+`0RDo?>=wE5o8l@<
zDC5X$rd~cMU*{38qS70JS_%s1+F^v~W@Dv!E{W|O<{hEyYpR~dMb5N!D;~jD%J&z+
z_E%$XQ#%u97bjCATiAa)dt)nD4k9L^|5;gC*x3Ga#?1Zy5Bc~QWlinOT`Y)Ln24B?
z0wl-)xumrrl+LT_G|@8nKhV%Y_RBX$w$;0Gg$rh>wd4A&{{)b39|<T9NNRo+H+fNa
z{#V)(Yg+Gcm8!Zjk0gnI`pM-|wZYT-lx`Sn>Zc2E)Xti^k@Mj<bWmOKM!QvOk7+(_
zXZ&hZE1<&YjOk4$?@KAQV(gCTFdXO8#FY(b2?};M<{0=rjn#L5e7>JnV?Ay$`gz%s
zSDT+d&Nmoy>b$!hw&v}<2rOz<OjV?6rEf&N!o3W@tdI!ap$#8du6E9J6iP7gZ$C3R
zwtD$DCypewn;j6Z)x}-PZLL-9&7w}*{hdNzgR2FbGI~o`KR)f)qUwQ}`$2dUNWcfQ
z?{vJ)@5$q}64bX+8hA9@ox9eS@$qh%9CX%fh0pb52fXpUN>#q*bZjv=Dc5Jw$|at~
zOWC9}YLRL`{$ULoXGaro2sxv=ibAvg_SP54#Nt;`<|pV3+q#ma2Kx(tHHK=9WLmq{
zcpPm!&4ofIA{~pTDwASSG$Cq*F{&Gg=}3E)|J{d?kTl|J2ef&)`g(iv-hBW4zO1)m
zWy)CpK510F={Kg}o)iK`DMzZI^I){X|M*bMV`Zgh(}1xzSWx1<mpWQZyuID_`ZjfS
zngwd%GyIev(7C0z?&t07+1cXbx*$gN{aa`AI=J!A@1<gcV*+@kdqcIWm_`?Xe(9-R
z6Fp8Za_WgNcvvwgaGL8i*K?LVMR^%j18TJN(Vr*e(>Q+YlEAl7yKJY`h(%7j8XCb;
zt?<@VBCW2WHV*s1$|9h{odmwDkId6`1|Z_S_eAvN^0L}iW_v^Fj@VV<i#TKl(C8BU
zSPUxR9eCVvFut^Q_Z}%0(oP1Jz-G+V5C%AH>FY!0x@fjQVueKa$YjqudK~A7@GCIK
z7KRWlyNtucC79=9ueset81cA`Wr;pYlMF`?BbAr9tlLMmPmFNwu@yJ9rlZ;{k0f_H
zXk-$`lh6^?Old*NNMsTI;!>vs2gqJ=^V&uF%)Lx-ErY|7Ahc}crRM?&!N-)LjG6s@
z1`8J;Evx%P;=kcZZQZo&IKg7=CDu747Y1hhJ*<7Q17DRdkjpVl!OxP>-j~JJzpZ$-
zX79_N7FOj5B=9zTc(`xR!^vjgvwDpe=a~E@aq}f$e<N-MtKPV3ycaqTu34Qk!T%On
zMHqQHW23<1Ez~}ozab0!C65_td__KUAM{#KP0}rPKK05-Dc`)wX!6+-W;qr!*&dd8
z_Uj(VDwNkT%-f4@k9@5UMefLu*+2i0xq?d4lnTX_BW1QE)hW4v?nIx&R*PN%3YSW6
zGucd14k_7-sDcy^TdAR0D-d{mnCxvBi-%&gkYP%W=Biiv{*VRuV~Y2M>?6zV+^Jo;
zw>Bd}+v-PcAwhB^MbxQ~<WcD;3689b$4HUlQ_=XUl`<s<%JmGd7G_@=j?^+}6UiSb
z&h>3+bt+R10>UJ`Fk&G+Sn(Lfk0C$c+!4S6C2I$C(({WH#du@L-aFA<N66+JiO_n)
z^)2EX^I7}JTFL<a3&{4C5PPc8D=}&-t)YZ_m$8&}f6Ce<vJaF%#NbxLYI+d@ye58(
z1O7F0S8wCgExEc>@KvZA1yW|B)LVkczj*;?iDLZXV2b`^qc)V-fe@rTfK{!iLXX3(
zYMf=T%CF(gqZ!Ezt2x0jGWQH=G6zNQfm7NG0fkhw+eP5vVBt3ggklPKRRP#ADc(5I
zDI4cn4>-&<ZY+_jIkD<n+v?~9WjF~E1bOJ0b`(N_Yc1_9Cj#>A9-TafMAQLyFb=-s
z5btUiBS^a}3*S_S`+i<Ld={6!&|+!Br1ym3Lxts!N~v$&&)J=Pc_53>I*mW&nrz#R
zdpNY}Q4j#>HZOOv@W;|f+?+&%b6-7+(n=S;zN($qc!b|m68H2$0ve@ZEVv$0ap*Mj
z(mQD7_+B=gfAfE4T|5OZ*K!?}+*l&xl)Od!8m_KXVnrFEAZ+nEnNp_c7fz|zTEVOk
z3+57q5MqjeOvQiHEJaaahKJcD6Zh{*%(#9;(P#%kp@sZ6X7#7_r}4y<QpG6ze?(AF
z*2Ck4vY=rgz0xt+n0_o<qh0daZIO<!^W58%zljutV9wbiLO>XTE7~=u^!cR)l7!<}
zg?F{lBZFLX73fxuO(AqbA$h%gTDra-{LsIH=8vj9Fo=ULc{{&2$x<;J-)*J?nlU75
z>AL`%t&64hp*%^LL0<3=i{<;X8$V*O8PVB!u{F{%gwGsjK2!%j#36I+2K;_e#Z9@j
zNyBscyP~Q<U*omVhKFICoj3vUBTS?iJi0nTx@NIY&0r^mD=yoy8FU0~N;Qxys>mTe
zyg3D&clTd=T&x6Q@@YehjQ506x~EC{<aYqopIH0c69J4<h~!JFOnyo?wM+EB4Nr+2
z@vChU$Y%rxM%>9}IlpSly=yqZ<^Cw4#oIh3QCmS-ja_7~XiG&b3>XnF+-f@KvRNdO
z{Dz-pR9$ESJwT83n3sQHzGY?k&CM{uZ=yGSGZ9LNs|hb!X&c`;<Wq+S>yS8bQg8q?
zsWo{SGY3UeVu^b0BOdLTBS5c9d>|Jliw9}pv~hUZuv*Sg%8v%^Pz#UDIp?#xXM^k(
zq>#kXI9r`6<a?RXv>gvOsll{@#gLP0doSA;t@9^)YepG-dfxTf)inw&SVEw>v{wF#
zQ6{;Xoe!{wOrd-gv}&Y>k-4&fEgl9i0$r&!wnWL*N(vj7m-2<hOVk*;3qI7o+Hp!C
zP846D5}|OOw(3eX_L)js{3OK;>f3H5N)Q7!J%2b%8EfXE21zLk%2Mz6cg;t2hICl+
z7|A==S>)%BMXJq<C<4mUTqlM8I*;nv_@1OmKIFH?aj7N2DBwPWih~?0`aFRD>GB^Q
z8x7>=$lw`)@jity{EQ{FtZ#u^oUM0FoZxzuFz&DfN;{j9w!8^HW&+yk09`bt>fm_U
zZw9q{*0yr(C756}W_x6Z$HDoU_P0i35KQ1(r?8>+O==7adrQ*M@@@xIUwnszItZ;%
zi_DkKSa4OAE(?Bo=EG8>QeZ$>`>GP564bU>vjYBQ#=LNkg%Q0b%&#`bNL7Djbl5ph
zLdrzs#Ih?ycA?f+2e6s(*|K?!*ViBJi#(a0GcQKFb7`ZhbZkihM=u|(KSShKFx5T%
zN~}+_Q!QxIG{+NUPQ4a04#_rj|5%rx&HwcXbaavUp-m2>z|x^%RA&hc?d4k{26~N_
zVJO_Ud*S_A)qQ<P`k>7sb68j8>EQw5_#E1WU5$MLXt3Qn1rkH}OF{=^=nGfgI;<sK
z^h-zQZU;_9wMgI^P1u;gIZ*jYK=b(&3cQuImcyKQZi*tZvvUxYAWc!^d4x&%)Z#~n
zYH(L`pO`u?h?-HxN8o`^4y`rUhOYO&Gq&eNV`!d@YbbYYVSHG|A<zC2RDH-{MDqs|
z&T3?cmHCxFId|DJ$RyH=x~cq*`K`hoGDZqum2+8Lj^ygM<~_7{5@N4+WjU^)=M*{e
zDfrZGh8L>cNjKvHDc8BK^<{q+&Z~}=UH+vCZ%atyjCa2?#{3IlK(Ig}Ua&&;F`eM%
z<_00_jxW{?JMnLg!5-sldM9s%P(#zt;z1~J;9K>VTH+yuuA)g7_8EC~PLtFI)E8ey
z3Y^gJpD8W6o(5-?1)XP>9M9m(+=<IA8|SP_V@Lm$O^!!Ma1u11fnM%UH$y0tWSJoa
z$VPN;SBvEd5F~+&O?8p{AaVpyEeVN-;Hbior<8!xygaA!RW;=s=Bw%nuWp_s%o#$O
z3MHfscig%JChHF*ccGbyE^3VCl@is$*zd5<Mx3P>EF@;fS4bAfO0ezLk`}(mY?FK2
zsg57Qqt|c0Hm|y7u-vM?UpYGKan{19@$OqbHyBwoi`oM$cPylT_Z-+R27SEj_6g+p
zEXouPf=WkG)hHA7p?Q>riL%sT{Wyvf?0K;N{wUp&%jj{IIS3hrL_n~8gYex21Erz8
ziQXzuMWD2FT32W53vuF~@lc-J_M|btX2zc4)Enu*k)mfvWe&P)yb*zbIXu;Lu{L6C
zr`F!7k<kM5E&NT?FQ<Qs&ly@4%EKM^yGu7dKEoW)YZc$TI!-*V=G(L<q{{r}BtX!P
zy8+k3P0vi~^}RYqUAY^cBS@)J<z7gss_INaWGQ6c$bB;2W2g$-PSPm&IEeLoPn9UV
zt93cAR-4<wxE)+TO66pMUzdtm*boAB>umG#bZi6+1xHT7O@BJg@^rWIeH{)CUhG?N
ztR}IYzmZzs+&$c-Hh1giY;EcTfU}?X&Dj$cV-=$vMG2m&hXw}CSteQr3=9R*FuseY
zT`q*DTW+uAw7r!g2hP1&-M4Xdm$liL;~3;}#0!E|e|>7{*VMlzF@;iup6HphAkNJT
zTT}pri`=l_oGbxZY<VeU83RJ&AqBq(CH1WH?sKs`Ymqd25M=+1Zd?BPw;q<1w?{6j
zr!KSsZS1+-tXz#HY9TUjs=5gLlBe3%sm5&jsN0nWuoiJ@x1X10{Q~<*%<wpWx=x$b
zIE_P<6@nsq#68f@JZm2mg-Rpglb63a#u@@H%`3{zuBp6+P_C)X&-EE;^8F=&#WH>3
zHcB+6clsqPk?@n-x~0>4j5YG@r!zHAI>Z|cQMP&2%WL_V^p>Fk=gtp@b*M<Ow9(x5
z&b1mzRnd*?!5A0^b=`ltR-eWAJo9#1N4N_{7sxL5YlOk$V#levrc$^hLj`_^x^)5O
z8-#97Q~r3*%H^qk*(5i{Gq02a_~~wW?NuR__t>V2TA*xWQ<s-unj~*g%AG%AhLvqx
zxsPpbEW}HVN}lhy%zd?p0EE%{L^Q~jOtR*aXxlB)Y*RP*u$j&ZE7*mJm{!)zu;jvs
z2VJ@|QT3d()T#8a<y|F_m+v~dJiFq?j*m$1FN{&(Ln{BJW&cN{{y#Cx!Ois_G0VdK
z-(r>{X&QzcP}i|v<3JzMf1nLF79#J-7dzc7W{=4%vR$QfW40M(nnATKO%O{>-Ycy3
zzKGi-CSR#bYQjYw2p1#pJ8H)}WxZt*&i*_Rs82b_D|%QVIn<f=HKBE3sUOm){WNZ>
zSsjEJL?0}TOG2MiR~M=we6eV1JQp-j*jV~!ag@9Pr%S0<(-fC$qlBDpPJ6j0K~~RW
z>ArO(SjMMsisrv`9wEzD6334YVGw8O>fa&W$mH4~PelZ8@4>-v(c&7A4AoGToN3BA
zD@3;Vbgl>u5^BzR$)%#vK(=2KxOdD~tCrcnH&c52c`mepWk7is=C)4TMJQW|B%Spe
zrtR7VT!RMs-g(<Qgv3V4leCyEB3_v(8qSW5x~?Pz?Yj?5JAYVHtDl7)SrG3t+u(>{
z<GAI;3SS7uysrAGJBNiX-x+Uh3WyeotJ6SqD`GH1#C>ISp5zswdrM`wP&J+LH-QX$
ze@|0B6A^hMC1WFAQ+8yl*7SV~*M}V<^8Vcma5~l%&Gi*>&{_vI*kmL1LQ?+$r)A@H
zpr%mDc#H<Si8Rlj;sui{kn6>1_!O|?gsH7=cb5uABjurRv<Vip$DsFUg!*vqRoiG~
z`%BA03zb8mk5sh-?%;?_-Y#$@vyh9cgQcQaDY8zS#rI@dFoTI_mO)@pgfC?oxW{%3
z$e`g6IxeS+2g$)N<C;T^9g^!Tim;o8MsHhzs~ZbN3AAH6K{8u@XPH!q+fIJ%RIS`H
z+7myqHN@(qfv&;w#Gez#%xWofI-+YIJnqmd>|Z`JIn`YwAK6Am@+J!x+A6Cz;GgFt
zLyls*3?j~k4UNdzmyPf;!Lj6>aRjXZY#7KOpqe3y+H2ym!)Eo>0}H5FW+uaha5}~V
zzB^1V9f;TcL2s-Aop*E5T}xWMQGw?mebl4YS^un28u>XMRx*j)!m8_$2E}`kMz_+j
zd&)%~5C;R3s3*%-(XBv9NjQyI6x#=`+?&i4ARfN-ho)@oWl2{t`L0#8b5S)DATJwm
zDuuBMHj-sG1fy^sD1tyx1$U{sPB>aO=}GmqI+uk;lw$ns+GuB)izxS4oNM~_dlv)@
z<6Ji6Cr<M+z~~Xf!liA!B>kc$!ggz?JDW@2K|fX@WL2*p)F54b7Js>1pdZ*@$SGNC
zoDTPr+R?~f*q3H4L=ugH^Dq|(Y#}8|BWPBK;WR4Z>eC*>yBhVx;tp+(uvuo7K#aR0
zL8Z#<2oMu+M<-k&njxjiX-HrgcP_Rj8W*5ZBMS=2fN|xvubuOLvJF`42!OB(#Su?l
zKS)Y|DI!s5Gp;3r|B;Rm?L9`h{Z6#CB5i_uVS|PQao1px(dflYa3rw}kRn~46Z$vP
zf+nf%giUr#Kuir-t!J_Np&NKec(8QNjgOY!rC!azS3Nh+A&NScG!Z@^^ma9o2Q2$F
z45T57n)d(L#LVZ!)3z!6&MiUz$Kl{yU!ZHPfWjtt42OYGQE*LFwu|dDP6)X9WcWI=
z=y)pjM^7C*xzWGv_f1*=evj&~*>ZSN&wp(Kw%tb3240l!kC@^u2xa^%D}a!rJMr!B
z@q)Vo4<@rJid4d?doV$e$_~+5^P{WjnFvoDqYQE1ojCKkep0>VtmC8h*^Rdbl-3?;
z9%6WG)IS^y88-?{yyFUVZ_2`<V81Dh4DCJDVzCUy#1L<|GC1ggW%pnF%NC2A28&TC
zuSJ1xdcDMoYo2!G0<jO?Co>82XBW(?Z%iScb8+gp`dH)rKYF7^1D0g<zG`=Fg~bR}
z?6LaYu%R51pe&!$(g_;Tpk5=Rx)tQstaz>Ny;;`{5<;0<GI$>2k6Os?MTsW;CXbx@
z4NYcUf~nv=Jd&Sf+R!pHl#|jQaNpnIxSB<Z{=1(4$DCwlW9InZdj8+$BrDVZt>>Dy
z_W#lu;@zhjbdg|rh=-Bm?od<?ZUtm^KPAjd`5UH)H4|u~*u`kbOvSj@i{IQv3{HTK
zbUlWx^Lt1R<goD#-^28DbF=4w|A}V+8NlAg0Ev4N5*kHL;$e=51cQ3gikv@^dS--I
zdO{C{@cs-FN%_V=eaQuniR*7{pu0migOSmoqjB<Tb7I<lg78qVo3+nfrH)Unaam5I
zTi#~8plPp%x!lB9_vZIj#BI869)Z>%8f773RQ_SeDQqg8u3-&xLz=b&I8IAbNAl6P
z>;y)=m^C?}aLNh0{2}DIM-dz___><{{-vW0eg=?ekr;<qxO&{7j7p9IAi#cQz@*7%
zXYLORr={|;*>4#AjHlgTUcA$gfVKwHILK>7!uM`v(Ihk09C3ILwW!_YUZZ(a_4=NY
zkmA4v@~whNvK{v7A99zOb7_3^4kc%r37h+DnFA4p;0`^dSCErMFJ0}bU9%3h*JWj7
zL~Ec{4RAbkV(G})ls`~~fK!FH$tse+-%Tj3?4&K+dMuV_Lt8NFD;0V$C}xny9uB6L
z?6Jnj55j$4rqVpJ$qqAypTd0anhL%*GnZ66iV#`3PzG^bdo6XPF?P4N>Q*pp>6dc`
zNnq(%+*LYum5NCb{Fz|=k!~k%>Bsr8bo%!B&?Wb==;{k{Tx?|10@%Ubk9e<uY(Bj|
zhD*B;)DihL(nj+!D7<Nt?WZlSp_mdBMs86g-%gD*DH`}$6UEJiizi%!g^nZ*QOKq3
z&E}5FpX|+Qsn<X1dh!Qf$FR9(!()k$>L+LBt8#Tf-xn}L^r3tXq@Gq1?e-JnlSQB@
z79&{i1vK0INDfgt1~}l-N34}?hVsw?IL}MkB}cynqeL|Gb))gP_L{Q&-F&XJh`n+7
z<ZV&&hG;Son>cG2>E1{kv@?jaGtI?{#qc{}n}ZRt`lgS&;6TLEe`fy_@AhUpnlkrI
z=|T`=&X&s3#ypW1lSlN`R$9827Rn3MZegDvdJyzMX){5)9gwh9b4P)mx^7@>GL}Wd
zL%_{Eh$~iLJ3719AOOY&luS;XF~VKKvpiQDfVe5=(nDlYbnrX(=*x?s2`Ev`qpCdD
z&hm$suM-pGXos~);-R#^n_#=m@?v5f+qVhsvcr#5tFszyjJ#5)hOfc~uLEhabclLV
zr)s~2*B@<aflRt&?SEZycq1_`DWUi|_+%0kHQhhn(YidCgCM9q7sMF`UoM`caNmMx
zFdAJ4pL{)g*Urjc9wOh#=2i;Sv9OLfQ;)Fh562ysMdy$`^=aXUPE!ZR%MacLUz}P!
ze4V>~cLV%DecBfMMco=-ZOMU`bU35D;W!jKtxNh(;QAjfCNOx?^vMXT+6As8LYAl%
zZNo@8EAK-T{VCfa4&zbBJN?M}Rb9yaskU%U14RRyhbHpKiZ7R%DY3F%@x@-BhO10_
z%U-Tus3}Jqn1Y|TFUA1U?NU#>6>=QhF2V@i=#*2WvJ{zX$1CoeY@r4(N{hVQwj*61
zT>(iAAaQ$2zCa65InK}&GV2t-*i_`n=?W8W(`HpQ?KgX<f+=FJLYJic<;p_{>A}TN
zau`Q{r7z(KxQVAAdg0rA{Ot}U??0758R>@+Z{PFQb;_jyw6m)#v?y>RSoynLs++{u
zKs*N*%1P>h6kqG?D|VEcu2ea$VuVHdOa+?&Z;CMAaV_;wsK_m;PtkT#0u5zAUY+>5
zkTe<&eWC}u>=LUOh>voGiCWVFc{C>;VhUgsW_l3TspFv7ANk37<F%X2c#`>YsI(r6
zIIY?PL#09b#;L1*#M-XoyZP%5eL8RaYEZHoXR-{s$K`;P*g$5GHYzg?PEW!@W*d_S
zR?LtQYl9z)TfJbCA&hC~Qi^IJcNLodJ*$X*n6>Vtc}>Zn!k=lI@EB?n3ZpUTY6p6@
zx49bxKqTtDfL3xJ<=%o(E-@!T<6WQ{`KrRyFv*NeOucDZ@?Sxol#P0@+~~dJkqOAY
zfSVxg>5BWb0p(Qy?_%$=+wF(N+j|DsL&ZBoN<s`UBx<6&Y;wgoT()i1xGvw4A2S;C
zT`(m_m?6EEzE58bbA5lNIUhK~eTw3G*--6mK*&BswbT|o3v$l0KaO$KTLY=YaVf}9
zn$SbRig$?=vb5+tcpxgz?y(Ieh-Oz>R-?Ay0!yJy4Qfz;RXUgqKH0-%BIpI8SDM%w
zkB#8gXa4$qq^YxeQmS+W*0Ycp+<(XZ^QP9JGATr;MAvr7d)hE#ZEx(xWapld;y%Y(
zF-hG$9#tm)lcZB0KNzP1StOSG*MoB3kM!{00r|$0@u!d{q$==-u;ps7Cpf>;>Sd>7
zl1pHr4k&FXgT>{Q9R|@~$x79LTzxs{LtjE~cxBSRCvG&^(unDSL_=x`Ia0jIplK}r
zDb-P^iDv8m%Usk?e|oFt6jjIrIU(hLi+#RaDoS4@#OUc5+QoPZxb746=Qbq6HqUXQ
zJ1O5N?JGkQkYPQu_uD!b%f9fSEpVymhOv~a+LjSjJTV?(33lP|EI&a3g(8N5u)--L
z2c={(OF4OQL7%4lA^IwZA3L!ogB$p$5Fu7Gnc;O1ge9xu5<%(TAB&H$$|Az_^Ronb
zoeBS9*E68i{;34VGwR1})62wI?&|xTt{jnq*C@D3rWH($CxVew*XiBa-s1>C)yIGI
zcCZb(iaCq3?d|y9kklUw3{zMLt;7s%*04SaOWWX^?*3%d@lJvvK|uejy^pb&Pl0tj
zf1jI&kj6qx>k)`ql4u<kU{eew72Fi?Y8Y1?TiP_}7pJ8rf{=_5jBRMj0MT&?OE@qG
zZ69+B(E-9OnNGRlwJ&DV`7Ps57L+I``g$2Q`+!Y2o_8KcNu(wR09wWrly7(DWx$^^
znTX=Cl|Mxoz{&F4lg5juVy-3Eu{M+aX@Y>f8nXXErL|pmqPv|B5LK_9t_CzYu>10=
z+o$Pj6w)C!w7YL=->6OfX$YG`5IO6(la(FBDa4<BdtO;NNQ{<UL|#CzhQp#$r-$cI
zma$wG-n&VqmYV$mTFf=9z0Px_r%88f{mmp(U&+7uuj6m_F;|`;rdJ~CTS5M~+l>;!
zkCcjhx)@R<W3wMY+z)159_4>TQk(jt+#XMFUol$a%LN)q4G7=&$`7uk(cHpXHes7%
z=h`G;wNq4nQ>9~lchQ;dI_)BnT!G<V>Y0YApDcDs67q@$8pIXghcx=9kysyIcCNn9
zKf^NobKIsK@?m|<u@jn#`u8fHI$`#QtdgL3hFsE=XENaf<p^v9V_OQ{$tF}U!UV`e
z7;q<K@mX;m=B<;T+)HN-v<tUKA;1%Q?OFAVtd>a^=S{NrKrM%4Y8jC5$i@+;p^2P}
zpQ&LGnA7+qthzGZ!Tmmw5Q~3+{ufKK{>K|&VP|Lm4@<JL{+Bnv%Jv_Y+~YtU@_nc#
ziUgx2q|+|ke3~O~->h2ecs4c&;Lt&j78|xQ8Ks@Q@#@}e&IgLVZbA#GW>?QQFks>b
zeEwl%wx?NI+(<u!=WY2%>t+n!J=ZH2$*Icxr{>knffZY4)WNs%NlAMOsy|fnzP}4C
z8gaP=yLH;G4(;tr0dH4c{SS^v5m}=(8r%@#SU$qaSkj~2%D4XWVkG%nqv&77;@4U0
z(qKs5UDfWqOBE(@9e(5*REV=y{I_W5No=;9Y)ej~NpKL+WCWHM&uJd2D@F$a7#7eG
z5a{2OqQ-_uu=J3w`%>oG8y@Bm_yR3)NS5N}BQm2l9sEmk01BvESq9lFXv;X|z&+@i
zmf$jk9L|{b(fY_Xu|bxnh#b1BiV;*Kfxqsb`W@#*#dyIw@oq7xXRi%dd`Xx2(J+e+
z0omHAk|ndDTue6$O`QSNU06S*K^%h78f{<ZCNGS+4G{T)6n#$6$61~NDsvFMJKOKV
z{!Zn*^@@SY19Ky++#mIL*)~{ymT@l^BH?ITce2|$?hn~hSc%Bzb0bcN7d9`4c3qm2
z_V!a3_m{}BVEIyQC>`R{G@{gqD#l<MN0}=60*J^j#E+eb)gh9hUwqy1p;Syu`04BW
z<q9UT(1_%w+Oc;6ZxF@I%*AasgwD12!EAvnu#*V8z@1;cHPq&x&JS-1Gn?NcI2OrV
z9TP*{6<y7J$D-G-5Y%;9piNZ|t8!?I1yB@}hYit{G!x#%mLBvtWKDP%)`$RKT)<{_
zDp)XlWpjlC2IA7UZqv!;lbidSz|=UOz)b^#=pu`FCf7|qVfpzG1lr)psMm6ujp(@2
z{qHeZz>yCE?sMCraiC^8u~s<Fw;nEZ5&hdjxy-toUYPC}%J)Aby$V##YDCdIdNg9}
zxkFkz*-4EB!J}B}$v0?`QZ}i?M;AqTt!#akjQqYRBIiUL;yUNbw>AeeyX~b`1ByeC
z<8a~LLz%8wS7Q1p9-6YugO-NGZEB|XAq)dtK%|!~_982E{?#{}usCY;nt|IUFl5sM
z^*2lP97SI$N{dP9`<~f6P|bJU!9MI^#l_Vd^G57l&CN!FBIFY`82ILKAG{#~d1yxt
z5mPnt=rL^sxjv$&BOa*$Wnp8*P<rX4+bK*?JV)cdt4x_l*@VTSoKYF|=Y`nAtQh}n
z)?R%RI_~<ou=NI_3(LR)fx+p{0Q96y8B3x?C=Y7I;VuSpP;^B~P9gNk8f<M1Jh${Z
zTvQO~Z}g?$FJ-l>;^yEqWH<fQWgau5zynLG4{S$GikI8n-n;w>{D}V2T?9$0%fsWL
zms`DvU|F!g!~GEB<snw8M*Tsq?)pqWV2SM}vRmP&-_frB+18@TfOU1n@T=ZnYq|=v
zz8%!49a>60SlgFDL6I7_G+j!_=ig5vJCn^m>8B%V$r-+&yjYf{Y@zlumyP9(icvVe
zK^o>ce&Kr=qA`GMC8IyKg#)VNj-c-IfTp-A|9F&{r(^a}-6{rVsE?Cg5?UGySZxw<
zvrAH$syX#kKO>iP#yi%e1Unj+Stka)idf6~NZ?hT-Z~<yu$u3S5yO3t#Nj`(0TGmS
zlr53kxF=>T7Jc->A1B>N&7^;I=C`n5e(aA0Z39aVg|g&2#*6>Oe3BtNgkpYHnbHA6
z1`4J8>*U&6L|^!^K#2P5^y+B}I1RZ!Da^AfNNhhCBnbT$UOW;21_n_Td{s8D7Yj9I
zsezAkFVU;kkTL<v>2w^SIKbUdjAk4YDue;@Q@2qTj^S$krQy(fR=TZ3c-EAWHt#7w
z3iZd-Y=}Z(5N?g7w(dL)K{6(L!lILFpT&ZVcJ!Pbouw#@kS6~x+ERrqV7MPKp7yfa
zP9i+JNOiW5^rYEDXt+ggBma<rtLCSOy1W*sWkXI|4(oQ}y&&TQMLg=Zx>95Q!YkN2
zYc=%Wrn5Z=TN_XL>Cj{CA;LZc$2m1#Iu=+|@Zihsx$2%AP)W)5U<-=t#0x{H*_@le
zaqRDj6_`sFnRgirXO$0#KyJ^WT`V8}ea#zj#`wf4*d63HRpQGz$QvVgmwT7x%g$hz
z^SijRs7*lQb)_f7I7=#hL$WdB3C>?f`!Kdk12ars+VAl{5qEs4G+)>Tq=+=681=WH
z3<gIDhH)rdHT7u<TRlvJ;BudIszr_5Wzwc(e>7WtmggS3fTR={1LFf)YMuUTa)ws%
zo9=qBhas9vWA7E`^^u&WZw@iW?6d>dF6;<vDC>Qg-y+O!U#aaOUUQ{80@`8uUw&M_
zll=*h$!uE#5{+l$zAURljLaiuJdl-sp7wi?P<H?3|D{HH%dV_tkJv*=Er}{ZZCz0#
z-Iv0W@M<1O;~lEZ2v8BK8H2h+$y2LZ?TdC$&5t9KZuI7UkZlaCk4YhxVxuWoW0Yvf
z^!}Z4gpLEv$Z+CSW5fuf5k}to6UeMA$W#bkX97a&U1BvGYp@6*B0MBw4RS&mb71^v
z=I0oqe#L0#r`aT(1g|f!c&C)39k9E$D<!JqNK`*;8<NrQ2OwF@94gYzti0rAjxkqz
zbMUPd)`se)tv@QOne2hVF2#?F_MR^Fql^c&HfjX_yKYn=WUXVfg*ct~<!RUCZTNtu
z9Vz-tW70qXxbm6C(c(#cKY@`1i90vDM*Qej<TKFF8afO381a+Zn8a-Ms)Kjn1W7lk
zKIGiWlWD{O{&{PMyMS*qALmKm$&ae$_*`7rT6=wk;`}k1_4%LNDP!)`n~^75(vR_9
zLyI|ZAE<JDJ>0h>Id%d^nH8m>AAe=>V_g+5ma1O>^jtIq?11*+>U~vAiTmFP^Q`wZ
z1be056tD_{W?XJr+j>oQa~$P1&H$;Fi8dtx0UtDgoE{aFJG1?D1bcq324C~j+M=Pn
z<%1Cf9b2d;;+^qlF}Ce}Jg1w~aTqe&5k63Y1W%B_mQDm4gh@y4Bp!>OUzJfQ{uNyP
z1@cQ)o$<eEi0%J_4+{$$)Bn;C=l{|W?0<59tX%(ahzyw2{J)b=zDF9eMarfYGT25?
zPaV`8&F4Q7@e_1X=q|#Dnb1-8M8I>g%O2r$KQX?3dO=|uf+T8dtyFH@2HAqm`L?~?
zpAh(nU{Z{r0;}BxHpY4Fqs1@@-T9BzRHA}YlvvGO&qiGtY>a68D*Is^h$3v$6xT>g
z^|L;l0Q2X|Q#v=`ZmZv!KDmY4`^L()rolcvb=a*?a$sz==HN%55N-Xdo>#vsUZE!H
zaCQK(My{{MH?Ivdj_$_4r?-b>GAQ0~yx=eHcr%^YH-SO!xjt3A&K3lnV+vPrJbz&B
zu`noed@}%iq)$jVGx8f&b8v$Mb#Irsk_jpeVBn#tX4W}6!B%R80OU|?1sLG`%;D_B
zGWf8PdNxg5qB3JI_lP+So1`gM9I~eHvqE-RhC%3Q4+FP!eq5VebFb&DN0AMek!X?L
z4a}g6og|O?*U*?;(<7(8U}6vt#ls8DE`q&zc$mfRRk?fb&yP~97pB8gROq~G#PhZX
z2;Z&oz#sV%P9HVb1)3JP)e6$=Pal+Yn;z&}mhT+s6?RZdIXnpnLk=Ofz--_6EKVYR
z5}N2JqHfPL^XAiu2P`i)(aY@Ul2cc=L0!gpEkZ}}RQ=w-I^o#cB}O?G$GAl&i?00@
z-lf71DoXlZesX?rk?DTNX>T7Y<Tb_!MAIG*!7f<Gs*7b{nxk9baSbe!zu>PX4~C|?
z_R*^DhaV}mZq38I*V9F|z3!a%zf+=wmG9QH!5>s0Kzw=^VLXRG^{aJ)ZAvVFUXU2&
zqOQ8UP(djr<f?JP@%j-h2y=^EA;ex?D<bp3t@%k{C<^k_S;AD8MT)KY>Urb>?%5Z#
zGnK!USheflV>1a~{04}38>%@ns?Mp|<_Gik5(p4_yAkQr*x>UD?NS#C(j*o3FwtK2
z*r=>djA;@&1$n<Y9Jdqm;fBv-u*b=S%D;x(=z*=n1n^bWj*+vH373voeybVbmZm|+
zcu8%y9o<u6W3q*I3u4gsH(00uHr1`TT1BU5q0-Tz>VDfkg`eDwsu*V#+N9qaG30^>
z3w943ptKp6-&oo>FB%hF*dTP+9dAAf^fOqt4GRbvdt;jg!!pq<cI<mrt_i?TFFQ{L
zAf#c`i_3vlUcCr=!-C}+FZef*(GH*;*P+r!nSofOfnn*)+ar9|0zKS-4n=qUG4TO!
zHiaPDMwpm+BWh(4@^2SJqk1l?5(FKgT;}J757DyMO^4h1#2}Iz*jw`F401I{5?28_
z+zK^ygZU2ZmEdCEc61W*_QJ%K5Xf(;&8gEMZ}Roooug{$^P5U}iNGp_KjkP30cFLZ
zBo%o%C|0?(2Zrh`-UShGLUSi#ydq9zMZHM~lWnC(9p3~yq$K&p;iWgb8m&Av*3a=|
z$bPq$(TB4bNy^nttF=h2WRF;O?AaNft8$B?z3jBn@8#Zxpmp}AjVXB_*_-5ro(Qra
zCeG>*bLeP)B2NG@+`hs}PQ>S&tIC+F@TR~Di~8I4oQgoNJ}xb=RbW~T0eZd)i<#<V
z#)C=s>sLXVWiM_v-*=4f6YaLym~@9X+*ZX&|Kf_Hpo7GD(%6sfJAD_AA31Jxpnt(w
z)9|v&>qg@7RMujCD?qSK6VrUFHi8fp)$X!AZ<!FrqJkW}!1UV7Zq{<Z(el^Vs1vH$
z7*Ym%Cm;-fExB0&hTEZps}=`2Vw9%7rMnI${s==9!&wK96W2PnJD*Xq49~aa=AwL!
za-sL=x|oKM+^9?KM_d@`!fyj}*Pw!F3nW>vt}QtKVNexSC;RJ!;9^YVo#IuV?ROjH
zeUxmH)5@Mke6XTFDu0)V=WKIxe1=tj!G4q>NRYBwMQmX=aDz#<h2f4vP%v%LD#2_Z
zjJ0NbU3x?M&Ngbc)_|EzLxV^$Xvz@ETEM`vU{sVLfkm`XT|hp3U)luTm2$S#n>C#J
zR>ZQkuGY}xVl?8S>l7poWv-Miv>qQ=5zalJeOrO;mJeyaX7#?E%kMEgt8Fi~);!$A
z-JlIq8a!AD?Bc4!3V-y?wV=Y7N*?=+DNX(&qKdb~EHEb5Lqm<U!%HMZ^>&#eQ#TY|
zyv|##DXHwvKI2#xFx}Hh%|_V!1)h`V<^V%a#%QcB#)PSbC`+Y|Z^=WG^(c|!r8UQ4
z_63cuE-IWs+h{g)=TggMJbr0c2UoD?JHZ{Ec%uCaxPi5Rr?*5IPO4B_^W(J8JJ;FB
zZ4?&@TR$%-b{IuEA=)@kaEV%rkiBa;n?fN}Qm|nLFS5c~%#%OJkbls4!GjQFJe|Xb
z$x!f~^^)dA%v^D6j1)Y<@yS1CAr?cFcFz^fI;KX9HLoWOEWv}x>mGvA6OR==nSWuD
z{Km!r;LW?fU7dQ7z?a4ppxB2o3CzE5=2X}f(SHR!;FGm&ZD;C0=(=ol6$W8sTTo=O
zf5s2%gGA3nW_$u-ywNFqq>G>JU@l&{fMn*Um*>Z&Rat1{n!Eql(9_S;6Ri0?gXIQV
z<>EuXyWZQwTdzpJ4xg8L?oQ8z=&MBnOSeuSr?`9aF!c_Ym>F-bE^eO7^kl{Dm`dD`
z-O5N|XC)-ME9th6tE}~2Bm=wfWal8epkouovR?iX|NaYv6M9B&d!@%;Q4X2!24mm5
zb%W5P=wrE_H=E!-WpMEX4`xonxv)#XBkoU0@wJFgv-IEyn-K^X@~9Esbc`W)n>H^{
z#b+4P)o*dr8ia5lC=q<LaMkLVYD4$HFiUc!gg0=t@|E@cH5@bJgGlBAv1|O|2;Sg*
zV~Y&6c~vjr@rL!r_yLFd;PLj*+agE!#P4CTKWoBQTBA_oT*k3wMS-1}0O=KoadB7t
zjBU+>?kz0YcHuXB$pGC%bDlQ9e5EdBhwVitzzRMLSBp??Jy1{1nBW{+A{G!&Rs;S`
zB}kG-_9)3<dpZYh6lLhYS%>R?S%--&DU?&V{tm_w44&;j-VX;eQ<AZSFfget=e#DF
z*m<U*`uukv3bX)rYh&%(sGPlbv8^@v(2r?Jd^BXO#2E@u4v>sr)y|pM1}9%!jOB`u
zxn!R0KN)camMH?tDkf4H4a{yhF`s`!-WPv)ck;q4Z;aYg>iUkob}#a}HSu_QCj9+Y
zzJ~U}WL|1$N${#QrQV*zbOSgO)GgeYJU%U@Zl1o=f30{w?47iKX?p=$pBG-g^rlx1
zMAt?)d>+mspp6ZJi5InO<<0D)%36{pIZtr~&B`C7(q4$C?>++_>3uO~u<#hoK$i@H
z69^si+~~_hYfYyw<*vK~7%d`Fu{;5Eg@N>(UPMOOdGRaxuox1}G{AglfZX@yHt_CK
zt@ncs2IAkqFW>b`(?i=wEO5K{B<4!liF9k^lAZ7`MpmftvE;Rkh}f_Oc`9jz&x5*#
zt~Wat>w6s6yO8mnu$APx@#z5kO#E#Z-O>0%bE)5N5w=r{Tx)G1X1%7(c%#$Ap+Mkv
zyMpe14v$j)U6$Vc1!#7^nr7V6<*5o_9M*58=WM)=oE&PWUL-{H{<v4UY;nSjeCJaD
z`}uzLulbkfxd0(i9Tn4bE0szq^|j5Y@%Ua~>#=Q4f?}3=chtlUxb7@x^Z)cX4l_bd
zv&WhW9ChKpq-1i4M7cX<?7E7}%ZZ52tp2Tbb6_z|z$_2Z4?zFw9U~4Fq+>MD>)<x%
z^!%zCR_9<hh5mD0Po}1+wNQamG4??u_s|4l@+G-(9%;KG9hhisv46+6tMJ{5BPMu{
zXKxt-S8)*%z}EAxfDzP6r8<i}a2r4Etk7I(lvO`FG}=l5@l#pCr+paSE;HWah4LVY
z{9uCqg75292Bh#FIOY~#y^UtU^mm7dHAV)wN${_!(tVRB-%}R=g}$9)KDJ9t!$8R_
zi;a=|qzb!b@g}{3+uw6t8Pp)LBSL$^tIH81NVimkm6+BnX<UULvH03(gUiMd&VraX
z11Kt|xD`|R%nQfH4sbf{Z}}<&kJkerV@sxUZgA=~fUBOGQzbmLP7^IhkBaTGWpC`$
z!Rw|Y#kBI)Z;K}02E;m{H6t^v4{`c^$1ihxy{kttjZK>(4oQd-`2R!JIR$1GZcREi
zI_{uj+qP}n_+q1zeCgP>ZFFqgw(X>2CzCTXXXfI+-uLfbRkfa4t0Scx%}CMCq`G4{
zJxnO~tYLoG+1kNenD?rZ1Z5EZ1kke0Z%ks)$!$0oehV>57(sdOq>CP(noA*WZ-%i5
zr~=8r%}(%5-kV*#{q(E5Pq$_HEVLsNmIwfgX-!@%BLs607i*ICmj#8pqgVD%MipTX
zRGMGMTr0dkb}KDm<uii9_vPJ!N*J%gGXDW+06WLRSy$38$z_>hJ=%Z07kB@jSJ5ig
zytiT<_bGVr{*J-OAknlC3iD&tCn2ruG7}pFn$9n9rwI$7j@=N;gFx-?44ON1tgXL-
zW^mj#i%1Q|DYnmR7gTbudaH&7<0Mm%_Z$5Jsqp)8BxxI4z%?hx&pA>{)sBR|K+<-(
z^DlqZQs&0M^j_XbN#q|zDH_+8cyACiCK&ND)teNV>>^eVYs><yvyM*8@U90{q8uwN
zFc-U!>hZ0v&6yR-B{h_|f@$y5s5H{44y}b;hPJHPz2BVDKCOKfBa<{EKcf^8Le5dX
zR?GpGBQTW~X&)P(=VJAtGO4aa1Y9Cp1xBuLtAg9@bSJK5p?LWL&khVvN6Y3=9GdD+
zIQolUJLf$8FWEQw5Aagk(2z&Omi+TxAc!S){c4xx`iGB5u887|CiJax4Y&NSFosxJ
zV_j}I6tEPEfb}<v*o8H3x$Jm7{dch(A_$FxQ3y+o`rd3vk{6E-iWUq4%83Wvd$FTX
z#fGOt-`+7D^}Nqc&aum-H^p5PWkcdY5{4aLh+v;&IlA@p)*7(d*O-b`IP;Aq;JR(M
zVJ7&FCPB&ecrlIHcx(~iH)&Ax7GYJs(7TTwjQ2Suc62Uc<8h9>V_oI@>2AFN2FGE|
z;Om|Gp6+3D`m;CKPmfWm#U^HNflY=-w9vZ~luJ+laGQG|(}7a$ffXy8G3m{a`o->Y
zd4ciyrp-BS%4I;=G5)vT1gh@?yrU81);B8sCzL;JF1@p?n<A8YU@R)rMn}UT8e-t*
ze}!LWf`i>xBg|96jBDO+-H{SQAWlY0FrZ-k<Wct=xK9r_N;@Orh;}yy9mVi&#5CuO
z3DehDUdO~%#NcW5@i-`f2#yi_r%S_`Ttv<-4Ns@Lu#>5hRFSg2G<XyS9Q2o3F4Z7S
zc2E~PmB*(m3qL`#zO}R=JZ%4Mxu6@z3pHF&6hAXvWxP{t(47v7NcykI^{^3DQ+?6U
zAQ2Jc;`dxny}}RgbJVE75P)Q%6CaJwX+75LIV)lS7MwW47C`{kOhVv}I!a?Qnz@0@
zxmG+Cw9lUw2rMb|2Okn0;7+}ou9u_d**{iSWKSE~<BvDOvp8{?JT2u2gLxvWGl~Q&
zGiJFvx77#8z^*GZoCLB{%!h;2S{X7<J{KroR8vg7H~kF}fwiNY4V*`52a&n4#1H}n
zt}x3v%q)0jyl5TI7XWsrS5~1_@{q;NE$#Rn<J1fCjg{|fIs@<raMsEry~rp($$F}w
ztOp|w^xi$|LGDVzDm5q|Oq(ZmDb8A9neI$hJf0ztf3e7YKUm@pW8PaV<Se|78K0lO
zN?$ZJAB`i-6pESDzl<vV?`i(e)vTKhauBggrIAmLV=v-p3}9+$*5SC>*gnBj@@!gY
z-*QO_wm~)&3a1-3ko1HE%maWu)PR(#%6qI2WW$I4Muq)U@3+Jn7pZ?>uAt!fOuO#+
zQ0ufblxtNPN|c+^g9*Ug+8o&?ok4FZ**&!J?)&~wV57ZNb`2f-Ae%#K{Onq(kW^~y
zu0dW$6s^ujymyvfi1P@Ng>85i-$RI6$;Y)w9NF8l8ObFCGL;e`+8ud_XNnguruyJP
z$6AP(mVGDvE%juC{U>T`Vlw<cNHXHtkJ~2atUvU5{tPkwt1d(Hu+XW2j}O?kPCB_5
zgLL(OZ(Z!5gqdYT=!1ganxiaw>!OO5Cz>YCfgVzt9-#<DdxMG3e<It}VsH5ObGq1F
z(#7u<y=XxmNQY+}2~uL3u2HMMHA(X|X{rXO5;mD#yl6^|2)wtIG(q;yfFpb@lMHqE
z%d<G6mZj9GPmmt0c_r>YdRUcQ_9t~$Gz%O3=SA=ix&)?3hRSM1X_;c7bx}F_6pnQR
zwA3Yf{AXD5bfkq#iA0WXV-Sf9abc`e&&56bE#Zj-uq*8WvaPMf-n}fThn!QD{5H*I
zi~&bkMEg`}WD?vO3BxgWcCr5l#APZr8i<ncPZu6({}27vdHHn4G|#P{YOn|{N9F2S
z=Y;dvZ*5`4wCo03(N4IvvKNGBT{HWrV0@ic6@t`Gmtn4*>t%MAfAwWrg}h6lg#yb&
zgx)difl8!ES?2X70!|IW&QXjsK&AH?4fYdN5HHkV^b=!M$0W4Tz?@QvkjHm(=4*)v
zhDe?4MTG#|8*fy;-J!TAWrE_2_s-y>%Xvy>6CxwAokbg^DHEI{5|y19B9+q4D}wxA
zzhQbCFWgdF5*2GWFO@p6jtN<L#DnMDLMj~qK>o--_$tI+R~vwA0Wo6|i}ow&t~2U+
zjg$E_^3Oc}(xZ3)Qhc7JzyudY9cy76C=vp!P@-aFoKv&mZ-}a-t_(JOst%!<&p1No
zL2HA0UhFtlzN!Z!WSR7U+U#hYkcb7?YXJPBh|FTsOgf{K(t5~vNpDRT&kcdh{iwGo
zu%%LR5i(Hg9NC~AAw*Ux>}Ov$EqM``@tD5iV5fKzHL)Aaujp@HA^Z)VufdMck`+7#
znvxPbkLtalI#t&P(kDzBq8ZCzDowG`#IEoI?Mb4Rq^D9|Khm7l(ogwnEoy^i`6-fo
z8jwni5vSrxycv{Bf<ZcGRj_+}!+To>G-*6YIargSIZLr`z{<qtn4}AV@G%}iOiF@1
ze<~zc+gzdHKe-l}cdsMb9GdY|X4JJj?vL;yZfwyWiXFPFdJqPK#Z1+_|ArN6=y+TJ
z_NtyrdY<X+k1MCNnmA?ips)Y3Fl)elja{whtvhzlh(o0DRK*wRTm(>l9CH~1ADDbO
zDQBejXD3e&xYacsf8BFTB!2S>Wqt^a%dLdMA}p=wM)TD^e&4u)YqFSa();u`uAs{u
zO<#su&Fm!k@zvd&PQ>KK=|{5gYe%cBh9Gl9%(!Kgm?}+yncx}T`HlvZXRB;|GzrdO
z->!*aX^!Nw1Y(#m#=%GYq>dPvD^R+5cOz6|e%U?dIdUq2I$CHG0+wcM-Q8tc3on=V
z@fTkwrj4hLAJ>=S?_Zz4SCwLs1;qtrZi$x3-sN)9d3eFAdg+?{S+a!%DC=p9C-ec9
zNNGwNHj5h>XWB*Wu0B3Od<v+D_Bg%)v?9>mJQtd-E1QyR&wo^O_%xP*LG(rNi8kre
z$2FGZ$k?1!u9S^0jBIFeJWllqN9So<$X4Emv~dX%_bR>jA0BXT8!wuHSBg`X%$u5@
zPJB<R)`!vF_Ysk~Ic{}&ava$Jap{0s+X|j=y_+z+19jIp<p>_>>%;c$u35_iUw*)A
z!e`&xM|<<QJI$j;5#ubdbH$5?r_;mP>v8^eE{}jg+-<OSaN6eK>2BGc;mgt2%hU67
zfAIA1mOy|W$Zf#AK_pJiKV$6T_SnO&jDY~^T(49V(_kOok7+@`8rj9<V5en?uWECm
zT+^LgJE`t-@;LJa=un^ScG+H}E(v0iQ;|))_;tlNBpQ(F@JRuT87-JV4jwh!*zP5A
zT5ygfQ`3`5{hE0aYrTpTf^f89cqKX|VT6-<z2c0&Ct{Wh?B5HUWG%!jM|#u5oZ`wo
zRe3}6Umee=^E!=pH*D|acU}Me__l`aRq{iniP6<npg@EpTjFX{S;g9nM48RSw9fA$
zZGxfV6AQh(=Ik2C*sC2k26T2k2v&lg9_jkl>E|*WlE!37N<r|P8V@^vLd}ueUuWtV
za`BzoQ5T9{v?Mgx>k7II7uF!no!vL6FCF=-4)qO`&?~KHcu`E$omv?0{)OSp7%Nom
zInYiPf;vq-Zl-4wc(dcI6_LcB>A{MGo6Bz><fU%@asyZ$h2cFfAuw4A_jRDtn7arG
z@67JILEY?0;Ky{duX9c(7_&UpQRcNrtXg}{<Aopn3A5>i@Me4R5cg29(536p&3Z@v
ze8;^`l)e2Q8l3gN(E<x6Cr84KvJfyy)7E*N9X0!{+~CjXrfg|645+un)i@bHnH+9&
zdC|l@VB3QbHTkCssf@q+M$HqOz$+%mwkS`^)(A_Jl;KnFRsA&mJr8jzaX$a$^)n}l
zrNEny_`~;lMR?4~q+3%5++x7x<^*jqrHkT-E*?_@-_!;O%US-VmHEe`n+ec<IptpC
zZSQSapi^g6p!(C*M2y3^!Lzc6bE-MV9O<TZzs=AhW1><f`>wN8|BPcrV%_6Ne5EL|
z5&lf(A-og|on1UI9jiKo@657>*WM$z>rCg;KwqhwFF>x~hXhEE8~Ej}{X*plGBysf
zD6WA<Ul&a|Ns2NlB||!1QV1}787xcLQ;>H&mKP@R$XrSLz>=a)IIRH|={^i^cyKd}
zian2;Zf4Vg8M(f8K3^EoV~1_8v@+a;swBk08$-;r;zub9=X6f5HmKyc{|K7`qLZIV
z07*T;5*Jo5LPmXc-~B_tMN(|A;+b(QbU*kf9(F`bJ7|-aeReqOb~8|sNcKkrg<k*&
z^c2X75B|T#2VyMe;o-o*YFDp6%0aYMDDQr1q0k+lPmdu;IL?e=nhW`yN&B(E;1M2r
z8I^R3d0<Y`L>=vs$4?3?psnF2e)DhC@?AN&snLV;x+HRk<4l|}Miv96s{tmdP?4@E
zK|RaF^tXkGx%{QP4q?Etuc-BC?~C&Jb=ID^V&r0@QmXqc(|f`?)Y}~N{Hb+f_=Ru}
zOyM-KLU4*f7~K;{CE(Pw72Rx9QRJc_ortmg`n|WjS=G28ftTmt8euI=$i%s<3Pt9?
zU$Q7LT&uqvcaWy+QZM`rfV3e=iVizJX}rFC@8j~0IwiIhq&#3MBAX#KG`sL2X}ODw
zrzbu+s1-@od_Dxp_{Fc7YbGyyOfgQll@_p?D)c$V5(u<2$k^@5A_M-Z8ihPsO$|WI
zpmR{(cnxX?{cR9`DAylqte!D<F-XV&IX_JUTGjzy#=@jMLKs$;B8O*<!kKk2Vep2R
zI(uq5-Z7YgrU)Q(V#f9*sJ|KU6((Yt15~j+a()%$+94IrX%*QQ<#qJKi(Bm3%%%Dd
zGRZN6%|c~LQ?8cEI9kGHEtESOWov{n!%{u$<xz;t<t}DA2r#UOHYobr@9r|uMWGPY
zH*SzP{no%A%YXS@QpY9?v*Mz6Iqo($V1G?i4vUtg{G0{$8=<?AVy06P9pu%lFBR{p
zBuGW_FLC?fs|}(co-Ug{ghqs2=fpj%p}uUWpx>oE#Hx!`H$EF(3G#&U0&b`e+hrRT
z7jrOQv5J0`R9)JiH>YIiY`#wIV|jtY!>gtc%U|OYVI^^5#^zoQLX}aL`R2mHxPa%+
zvasa^3zY*oPB`0U&VP$lgqxF;Pm*HKq>;GiPBzb_JNP98M3%~H^T|hwLHrJ=H6zAP
zuH%hYA3gDu{+PNoj@3SS=wYf!S@Yflp^kd?an@m1K}N#@^<09)y}gmcstT#${Ffh{
z41`t}7KSmA)*k90?X2gtyKq~WakIf{NP*y+uDk_07M`O8fx}We%|7_{Rv>71dzp&*
z<YCwsKE7+3&xFcim5Roziz_F(S?H#BQXT=o0FV+=>z?+1^}smA(a%)@B!)YqXM5IQ
zi}~!TF6(es*rg4-Xe|N3t<W^6zY1y3HO9^KSk-73IKiY0<Ic5y|8XWtxeWHA>J_Cc
zU)uq){^g%oa5zO?fCepE5t2B$D~|3OFkg_l6P+-aT7anJ0Yik14&8o|=STiIi0@q4
zBy}d+61(Ut7on<-DEqw?Ihm)lX@uM&UFj#Gtx)+<hkC>r&ezmuY@N`CA|BABX%aX;
zwa34%#(usy__j<igGqi&z(JRn?`(XQCEpI54ulHyvGgQzdq?S}-5EIrshdwEyXSOS
zR&B!|&)=^|+g3$BIe#<a4dN_ln+#XB+6Mze;;J?jwPe=sOvj7vTO`IapZJm;ik^Zm
zbn$sUc47E9>RNOhuK3*$Cl`<T@YVUX_WEZT@bfpx)wNN>Uq9FRy=N9meEJAdl*Iuc
z@CQ;@W3~EuPR#;XX+mzh`#s6PTh3M<$E&U1FHDzUfv)w;_J*YR`rHr~TURr(h{7IM
zwh)<6JN;+E6yWF!{l~z*K(5g#)Y0!HDbv%sUwGtl6F5}_bZ-(+`{syEy`<>s5OP25
z5G_PqBpL3&KYsQa)r33zmYUXtLOsd`D#@<9=G@X^Yq`{lY;;AX(IW+94ZoLwo+?iJ
zaB?~K382N5jB%FBS=VdlEfcT{C_q&k5{H~e(6~a=$u=(6cpdT-JyEGYwa`vxOp8kj
zikMQf)Utw=JK!v~>IL{#z+ccgRE!Q77z_gzz_8mOp_|p#A%1H51-Nyn3Gz<>o3{0I
z0FnaUDkI#G`q|RB#Uikfoi<~YJ5rsx20xipmgsYl51mX@ZTy<5!x_?Ag1Q&~I-e&V
zEO}QbZu9q$>XW;}H!%Hz<yslU_sYw^s}0WnXACMwa#s9eS6oL46@A*$K9dag;1ir|
znnfU*h?3#;_&H@kyED2Gy<-kR>W+I}wW5YtgCB=R7b}8iZ#O@pR#}H<>(!X`0haRx
zR=$%QnSfw`1Hr__%922BAPm%4cRFZ7q3fQ~*qO|vMhSqgk#414(_4+}oTE;6OtQ75
zhKx(auI4078Ia`37*pB$u0MS@!GY*q_v(}{x+e?+X~Qj1$g%5?fKU;=S9s##qJ>$b
z+hVYM!*K162luMgs=N~ZFsj!}okR~p2x1ymiewK7IyQNRw#~+xVgPPeZ%$saeT@3N
zyx#6jeeB*IH_P9<g)NnckM=v=+4Y9TU>_TrC(vhFD}`oNcH3$EjbR`4mq?xGykciv
z_6j?Jgo7p#p7bAPiqJY&MVE*xm~LGf*7Hwm`r8)K9?>!p;{ajQ!fW}lp^M<l3&R*~
z6PV&<<SJq1o~VQe6$m6ssdMWew%sp36BKBXq8Gd5A4}lxWg?1mTq}_1e=J~nzg`Po
z($9cOy_?b3;YZ$8yioeLO#kD;y29aHTlIB{5<{9*Id6Ch$F?d69lBQHGOv_}RDm)B
z0y;IG@$8XHjLl<FM;N!lGQBt|6!ao<#*@)3i&&|!R1BmnW)b)}Lzsp5j>auXw!zMc
z83>{`L-M^exASPV>&4ci)ZX>^ax{7Q3gD9gK_*|ZuWvA|mQ;BXB8?d?U!SBqk-ZDQ
zM*^)#Q-D+bCt+uxS8cGRw`o_swUL^&OA#H`_0Z{Dt5zqjAall3H`P>9xkC5V^x}KL
zZ^(I4&w(UZ0su-QPoIPPU>5j;fISP@=f{ae6W01LXA+kwB*jyCO)dCBrPchowjMjM
zaBCjn?sjL59{)Ma1Wzo1Y2{7<|1-pk0B*t56A3*!1df|yG=})X5k7Z&F4$Og)JtcH
z97kYi!f9z3^u3IutW)&%gDFE59yw1tG-_AsK6M~f+!1)-3g1eLPTlMbHW-VBi5wjn
z4U(o<hczg_h7&xnyK;0OU}iDYEZp;;l!3(=pAx31rRA-%c$lZmQiC2C@U-|9#+DL-
zVxG6{jEev;4SX&3zpZ#|WGu^Z;CZGqe+sOt&1zhkwS*GrFHH_{BF2l=h2KhG{kbD}
z-VvM}l?$|8=n;_&{${3AoKt&P@h*}DGWqv}c}=fHZ<$i2nWv`^f8DUUovl}Vn3zxZ
zV~R|w$W3pz-k;ztaOegiou+Tu9jvW=9TSE)z}5)hSw&-`(EsVCPC#4}9<x|=<hrZv
z8rHn#&nd+GPV9!kD31;2q|BnUrvsY{+8O7pT!FYXRzrd`q>6BDnTNSpWj68L6|BxT
zx;P?~Aoig!ZEz>eO$%Y|@_%R=Z&L<q+D$fZyCIt>m<cDme?ze`r-W^?4vbpH%oSTG
z8gR8S<};LPtT-dE`lsEq4$DgY(gx+nEtGC)qM!2)22`pQSp1bv$1X`-);S`<%bP%3
zWd)v8kt|FY3o^#M@;35+<Fr#;M1i=r$S;X*Otr6XZZCgLab7}sC<?lQ1M#4$x==>c
zmxM=PU>aY{BhTVaQfVT6S^amFWP>pa5jv_Ra{J%5Dho!9Pf=E`hNo22QwD|LPv+x2
ze?&_BQnJ`1N@*HhT^A=R4hWfKXx`SZ`2ubsnW*6P=k*KGr%RL1uo6*d2N5b|q*xa!
zQ4a{E19Cwbqmkahsq%_xKxAf$GbD}0ZMBvU9qG;=XmK~@qi)AvE^pJ}LQDMk(~l(=
zOVVm#3jJ6z*3_tT)D;5;NZC>!T(-6OaSxaWW+f$_>Qa|EWy3Iw7jK>}p%1<qwt;D1
zw&(h$R4){Urn#QzoFz^ZBUAG6c$+t>`~H$fsQ33y<@2Rt!z6NT?uGziGon0&f~MsN
z?rFnHe+4<7@ytelvJ@|MG9q{WP?4l@mW2y4($ZurbzCW~`9r!yt_W16T<BHUXxST^
za7V5`oZ=I8)R6fRqFaeMXr=T35uo4}hWIcK9qe__ukszWfI#8jMde4{jes$eEXkH(
z)R~aB$IPsOAk~U1!FpxG{5V&WJyxU6VDn=oAR#XdWl+h4kZBNAj=|)>pE}~C@fxg|
zU$VF*dHAnyVOIf~P)r>p#!wFeg)u6;7pKH(4=C9HD=@SPB_V*@4~-z#9iY-1v4dNM
zcKW&HUJEy7GutV%u;T$T+5~5xrv*0htB8iywtiPfn@1Eou(jpIXcGnS7>-lyz-f^S
zsz-oKGC}afyEAf!zi_0fW>z)xs0ls}IPpqoEwKgtp#30~u=%CH=c#2S#S7j;G(7W~
zU_yU(=eZupVaM6=<BRQl6u1Omc<=TF@J;r;**M%4T8Oc%indZ`|GInmef%4=tZWwk
z<+-I0VvByVgY#1oU18ZQea!0!$lSA`x7F2ZO^}Iyb<{cw<LG+#%WJk8>R&2y<t{<D
zj)GpBcK3cR^66HsS<zU-fL!Oj&wTwq{i-gUA({DR@9A0RqjFq4b71HA3xGS?ZT&OT
zA_~yMo*LK}p8Eh*A3Q0^a8>XG-AlCV!z2B;8fczt<lR@h#Q2tIc{)Pc(Hin-o6cdT
zIPqEHw^EwYRkCfrOCU5rDX$ZUm;Di!ZTmazeCw8R%5b_UyM6uD5iiu`R9ydu$yG;u
z7%wkKMh6RoQC*R*1*#~%Ig;(Az8xko===XH;9gXbkPZ0H|CyORVKxFC_Ww5Zv2pz$
zfMMNkeF$^Vb5R4qA1n{fnH5WaK4qU3u+Q%1P1|URi#3>vClyJhOh!dBcJ9eDQgcr*
zosF$8-Vo3r=?Af=`)GFAxSTD3(u<DrQ1ZdCDi5Qr@R_OjK?C@bYC1V|Vs3|BL>^xp
z_!iivl#yJ~#tj?tncH1DE#v1huMuy+qf3_;U(^B4e@2_kS<mPyIR%GCdzsx%z|1eN
zbJ1p%2F|6Zjq=9Cx0RR{txMf-;YzayT_2+riE-0Dk_juk=Ksj-uu|lOVOrt^?|;NC
z@u$B<Yq7X+)<yY(JN+7mHJeIf=zC><akYo(Na)2VP8buk^3L#7PlZJAO?UwDT*;>w
zLsk)sF4e^yfBp#89lQ6BsaUgh(|PTkl!<G5y0!GQ2ueoXfSP<U_-sfK<$)<7JjD4N
zOcGQ6<sK!Q)J=&IRcaP+rIS-?FK?LYzLY*bI--R{KMO*O<WQJG=iBM^yR$_zQg^>M
zOrwI9E{$exp%ZQN!`DLn35f}~#B*=w5*xD5NvNm%MLoo`j@;e6?(x<;j6zX(SLC`}
zdFqpgGMKqK)sfE7)!Evjuiw$h-D%+fZH$2%TaBZY2c1Raw-9TtWmaLLUMYd;i0u4T
z%SZiOa{9oFC;DLpZN&IvfLjFp4UUO!;4s!ZeAMrQe>tRbH4^Mhf_fcju6O6yytYK5
zL2~};9zC|q8ch0^(8)AT9%%4s2#Eq<F76b9vM#vG9q>e!3B_OB<uUb)eiWn21IviQ
zBVvMKr0Cc_Xv{c33F|!s`5np6-69!Rj_-pP<2?ahGo7U$%SK6)?v#j+X~+%n4}#Ih
zn46=PpEq<O8lPVfF&qqt^rMl?qoD?rKr4!0%{9PHt#uJwD=F#G-SLiOEv#+Jmb&E>
zp$x!lWBLcj5qU@GF!3c;c_>qasKP7Za!RpDSZp=d0y^#Z%17x;_g|<GTpJ~0Pb!lA
z4Z<cj@$@?92^)pcGi8PHQuDlhBA1vw)`I1dsTru1=Uhi&e7+J8ieDZF-WxBF;(pdC
zr3|^Ie?g1gEV~cgU3~~PK~Zzb<hxi*^4l7U@V?^7S0^{@Trp#6>9;|Ruahg;MiKGb
z&m)C4mSfM?9FNwvB__Jmo_AB_gpf8Psl%&F9^)>n%Ys9|ua|@w@<?W~X9MyQ5Bz}c
z6%02a4p8s$#3ckqV>70V%~qgBQc5>(OwOH!missce?Rd&QPt?9C_W*a5d18@yeBdI
zNQ+vdq`^mqMY$uzzLE~2W%YnybdV#?n|5lCOe6m=ELZi{swBmv)loh43mB5M+C;TF
zd~)8%VY?&0vis6;^<wTWMIF);-n6gQ>9(zNcR}p<H%4G4feAO~=|P>PqQQyFju8&D
zi(qhB><?|%pARp!xQrX;G1?AT5XYXjuA`qwmNO_%0_zPOUF%5-BH<zgM{XwR1|Qyz
z1?rA)K^wE^i?PZm-oIVBy0!CjTygw3g2$)r>8A|3(ip@ac3&Zey9l0;7=Z1cS57y>
z4==`!AFse8Z>F#Phxf^ccXJ38;7Py$i+eY(uxF)9V?e8td%d<{i{!=K(S&gVPMCBy
zb3VwDIw6R;xLICnk=>4jQc>v!N4rl!ifPcR!Di2#ZB@b02MFVK(48@xTY?0hWYDJw
z2UVyj>YHBT#|me>73y3vx*1WgcN8*+E1qRKcoy*dZ6Tj4W<a{0d$PBjDY`TEX4e5t
zd=WXXI&WxJgk0SBnF*<E`H!1h3PwFsrIdl%AEo98sE?#bFGm<0(u=>=(jpwt4E(n7
z*LafCiPSfP!pB51WbwqSnGJ!JAZGN+{i9H2_JrquO2po8t>+<!tyo7z4y7qPN$#>v
z<K=)*ik5!YaL+oJDvI@ijMH3p<9zosx@Ui_m%t-U<)U)i>ZREUVF4y!^H44+75lc%
zX4g|8qF3q3yBTmW`i=F%>A~laQ@ue3g?7#PjK4xknZ(ct7x2!BZCB1iXPpdNehhaC
zT8osm0oc?GjHfameBqPNaXe<j%RsAT_ltlM=Nc}7<JIl@8gr1)P5DX~s)-;t`z7k$
zFt1%m_Ufr(JxqR89X6|#50HK%zkjBWo;w7qv+E2elORDL>>=+4x1^o@(!d430yTX)
zs-I33fF>!L#oZ)T4y_Wcf{JTZWjYfCD@V0u)(WFu)y($?P5=D??7*GC4~8vcwnhU^
zk^~4@LiK|@VgT26+^6a>2}lp7cGLXD>p>U#3<5}=E1g!;p<V+uQGG2!Sn*VggQk=r
z4`PKpuAP)NVlE3~D=ZCbYdWUasFqYr$el&iEoJJDT5a(t8O)<bqc-`#DP!|qmYJ#Y
zPGmuJf+*7y%DwvRG{Wo-JINxgegc3ndYOqna9|CV6wiWHlH^1a|C9u-*yfn&@BK@k
z?nI#SU)8ZZ5larsJHCxX#e-bvoOva(XosJ_H)j)r3VyzRkfNmbb!BB!A*P18DlN$+
z6K4JMLRM7PExe*v^*mH(YY8XX%Y%|!=45piIz74dM~S(o&703(BMtRpvo!*muKm2v
zr3~FiqyDpM#s=w{=Lwfu5oBO=tif0Kw}qzB<VDr!<QAN`T1GK3ovIPKT(?KvQA1s>
zVt`hw&#%v0CJEuTf5Jyn>$)#86ofrz=}j6f##g!4RHWzK4jF_tMXGrOvtOipYecC4
z{Dy<q+1t(^u_`P98&L72MUn(GgVfbJR|gMgL3t@%GA1Ezzf0i$^=%l+uuux_plU4x
zR&eHx1XX{zB%igjgA`(A{^&zI6T!@Z`)-|u>CW1cOG~HAH1Q(F?<-ZAiH_3))Sa9+
z@zp2k{roV+hvh8~C&8Jk={-Y<4!e%g?xq!N1{rw&$qiJ)OphQiGz|c1O%z0zGCQV>
zJ6?zTMOCGM6x83huUWnK34I77on^_^Vca_i?l%QO&~@t(VvsE&Ph`r0gW&KPp|PCO
zc;@jiK$!g)lvlgLs>6ZTkNrR)FuW^jC<dFLiuEnBEZ;x*8)|6JX_Gt_f*qMsXjV7-
zJ9<0In_bZsM%eSGs$n${Kc<H0pvc~?{^L1#76a7t7Vg~aC_<xw!}|!V28jF$r3ed4
z<XBlcI7D{JAQRtd-EG^-SP8oO!0GHJ5wR?RP_o5ucyIr^8(j^l%HYFP@<Wy-d+^b?
zeS8r-=n5=JRtOCst+bI9F?4ZRY%aoChf(#|P97=3KER!<E%^h;>#64(ojdYxt3LC#
zNmv_#+Rg)cS*TyPp9*n}b+X!*DP!@lOS&+gL>gUu!+8l6t1hh(_e=|1Vxg{FVX*N#
zRzRMC1}jR<qr3N1k;p+MdH5dM=Z_OW%KIk90do|-+dPA;p;VT>M-6hy7GUDzMsn6x
zDwjeBC9td^oo7HK>%Z0^NxN}JXcl}Gg^m(=!)i?}mn4X+eU>|z!%YqwTF(i3W{!Mc
zk9+Tk+FktJua2`|)ZCCq{}|!lWG$uNq8JA@9W1$-3=jT-uB~3X&Fs$r3{KTkv%3mU
z@Mo5v0;+^lKYA3e&^gMLV4QUSh^`#xdog7ng&}8d4DSNFNmge!!Kga7I&iLw3^q8n
zx5Ccw>C%1DlO6=NzNTJ;7NjFP6Q7<4>F@+MTR1<XF_2Tf2X=r9@P~HHPma6u<|CB;
z{@!Ou6HmtnKCiNFs8mE`Rso-G&dxbCS$ybDDMkZVL%Mm?<waFKztW>1j>!vypqBBi
zhyxN<+D%}O_cYfCZ$@LE(ZT?pb!X$nHrL1`&Qvf--e1EhWN<e)QE{*I=B)x4q~Gd+
zr(`@r*or>|{-pA!2n=ZfvP$(QJ+_Bru}T1bPXy3~^<HPq3D?`9l5Ycmv+#0uv)N27
zf5GMdJ+kY+{AXl8`|rrUu?3pm!7`u>W1^BG&U?$~T*~j>mH7_+`A$F#A%*Zik}<ab
z*4Z#~v2y&E#9?Rte<aR-K^%6L{|(|?YRe^Tu*Y{k)fie@^r_X$rGp3<RUv;zbQPP8
zRY|YR>&mi!D-<^y%14+-m0Nk4N;>79Yfc2NWc)xRRU1i%GnZ=f0`emaiQ@<u49K5N
zen`-Uo^C&X0o*a5pELyYnI5beKbzMefgP={?`A>*8#dMV#+c~5l%l9f#4W&8y&|iD
zc+wUweY(%L42|8%2z$@xhi;#T&2E19ul>~=1BS8X@twsof&)9xyMBzA`cM<DgQ^<L
zZFM<UhW6=&1WI^2bqy(OGTBf^p)WeV@KezK2(yX%fJ8CRzQtlS=hCKL6P@{UBRt3W
ze=jmj_@oC~*hz{cvQCZD?gqeCA7x5P>4IGrukVjTLmFHW;k-veBQ4th?uwB^KB7Y^
zLdsiHc6B_{GtG^8lJ_a-?yqT@b?{-^bt;hx4`%-OyRxZv;`ul4Q>Dgh)rAr5NoMG0
z`y16UAjKUnh1;G#?u)~BYLNu^TJp3at&#u4Hw7U%L*voG5L1Q0;{?V?lU*(5biaKL
zRvg#xj`t+06xf`(j`ssPk*>=Z*ZcKrnvQnV;|8lJD5C;LObXuL+HV|<_1U^+ooZ**
z^;tc$W8k+p*6tLVj2u;OGc#=Ud7I=KJMG)OJXSmb=BF(?@Yiznmk~7vULo`ZT#l$@
zQg|69%LK_GGsB}ty+AX4A2hKzKI@UR(A$Z@vykSGV~M7ZZVz8SvC(lR31QTlUjJ-p
ztb#u#C<>98PX;f$0CtakDhlG{;fYdC^U4$<DSujqXVRe0`-{b8hMeve&(9Bc6T6f<
zv{qB;0;Q)6cFW2m-srjkzn=U{x5cKbq7ogjCp2}vnaPU;C*btS5dMf~&tK2iZ|L3|
zKgHQg<J7ydc|CV?oV+xIKX$U5=Q0FGalY~L$HJ?{LNMT$=UWKxsG_DXVj(G2{w4(3
zWo3>tu30HK?Jrw5_!AvsS>xoR2=_XjuGVkF>%%d)aK;)m9l`%putHuv0AY<@bKLg?
z{V(&Hh6qa^J&=vbC4NfB3Ozzqw$Kd6$KvrM2MYSUe*y~GL}{o#jp(Rx$V#tR#b&wD
z9b7LY1fU3oRNE)E%i+5G{rX~5t`*186iIGEw*%+`^4Jb{xH<V3DxjxRD`|<H^9QeH
zeme#+rzJLpZ&3*m#q2pOUOg@<Zrc{AhYptx9Ez4512gIoXfy%x>`}($p?8&1yVJBR
zT8@>LYQh3#bI?3(HYZQj<aLsTkF;60f+%M6?{U@z{acHddE42tqy;wke<Jly;J^q}
zHiC1WGV}yEkZzsw%@-?27n~;~V@0a{(CTkQ36tT$H41a!rghZNL}0^)$<A~pM4L*z
z;3^&(fw#x_!v&HSwSKFJHf1JqayaBW?w%L<S5>S{==XS~(APLQnb9oC>WO`)MUH-k
zAVPmnNoAW(*Ro*gqn08^OwA3(7J0T!q}(CO^;FtGY1AFOXYBmTVNI7CH%sHnArYXQ
zAx$su!%E~OE+DerZxqpX^9EL|9yK`vF1D!DfInJ>T<c(y<mP@Z5X(o=xj2=Xaz!6=
z=kp_hv@%(}g7R0jHL9Zl!C2j13#rGx&;nKH1yoQ*jd4wNPYB<n4oz9&(}fG+gaa4P
zIhou+>(aSFaSGc2-8C7%V>tY^?pPZ;m~gQIxR&a(KrGDcmgrvJtg;V^x>xBYNZSFa
zKqg5K*<S5Nv1&z0dNI;5+EGkRw-x9btj<J|z4TBEVrbK!3O+S}eVQ6g6kQ#QF8w~)
z(0hG#oibh|_8f64tR)pCC`+X+fYEH{#VgKWF}DBX74*)g=>E=3rCG`6Tq+W!LZ)?{
z@<~6w<H}CnP#BLOF_T($O2qtp?$*pWFpCsqP+e{Nnt&Tlllb30e-$@#%;?Xdl-LqA
ztc7jPYV)TV`iVyPvO1iqohZ$OulYvuui)Jh*ya(z5JkNpQuGtaPQF_OBP=sPK3=u9
zw2(!&aBu{lc*=3?+@WJbuiHRk5jhZ9IZy_}RgiJ(6KKr?e@{=bmjYfurYKAWF#h-m
zxj6!tcdKFDw*3GdAx$t(qELjkgJ%I1`Xq947{ob}-<5ATWON1#|Bp#1O-Rt!ev+lR
z(_zW{w35o^qJU~ePV+5g^8*&nC&?ISZk>dt4Z1hiHnO=CUK`H8kWN9?IiP41OJ7g8
zOSM1Sk}h-#ciyA)^Sgqx6cNn;P_-Rd<-MdkPrrYGZ`tAf5w}Xm$1C~RZ%Ft{XtmfT
zZfB5|gC(0oKQ&lNSF|V}Gx*krQc92|A`|xv??zWdzf+ucshe;+1Uff4E%C=Q9$OKJ
zs?(MJ{9yIvmi*5QG95DiPLE6*M^!D31USUuc<XH?Sj#xaC6a*}hay+Y?<L_F?G;s?
zR=%t>Dzwtt3zLB2)4)-is?e`SWaO6y?1s4}+r}=!@nrsGsZzi>tXvPOPgq4&Wt$A~
zc$rsC%Is=b1bQ@gOazOP;67&)QQV-3ZSmP6C4Do5a(Epj))OTl3*z*WN>`C`YHU2R
zyk!hE!pU(Uza6dIlfnG~SiYGbo&ZTX)vp98!zx`pPOD5INWl+bxcQ-9{UaaiH$*TP
z&N^rkKL0F)|L+&`b?4>RidKyJ`p()10~OcKge~@w>5a*jooq$O&5g{oLl?5;)gpDG
zsWbDr8mj1dzaA9^CFI=wD0&&}a1t4crV+M3&`ia9HL5(*=t@6ZfTC*n5_sqWKrYsU
z+?|iH2xJ#hJNmcw?$_R3a;&44?yt@qu%l5;U({XDZGsLg1fA#g4MSpS@-mm+_Dl&f
zZrFW2prR5r+G&VF2OWw=k%(mjlEM2`O|<ZbZDhhm4!w?T_Jn!oX<^L+G%ZyD{@l<%
zGB$X9@A&jLjIx(fphO_og}{e&yTAj&G%XRuB&Bh-u1c|zdc~E4M&9-eB1xksNz!54
z*D?$2{4F;<kF~i}!xeUuU!=8~68g@1lbJfV=(}}BvgHL8B-b#RT>6<_j=jIiZy5Y?
z&+Fs@o^ji2^~i{ADPal@bLrU7RxMLfKtslpKVAbrosXj>5K`f8sqRM?>q+nca`~e4
zW2Z1Xo1WLe9=5EG@4}vywq^u01fPik2ZTG_L34TI*<s)z8i>_DsXrWI{O3e=4=aw&
zmcIGqzbxz4g|!k_cy%nZ>z<3%LlxvWq2sL!&`<2?`gD<5R1#NDgztA9&9%$xNdlw`
zX+Kut9;DWzfGHGKpkC$}f<lN#joCydcYTEiZ%gAiCpoj;<oFcqCARJ5rA<C%87$op
zaqhI5*-|2*<UJuS%wXKMrE3TVZi}-f(PlWcE0k`n&BE8l>H~n<d`CXlLsB=|1nQ*8
z6O!fnUrM5Vv-SJD@k*!g8oLcy4)h=9T-L_<$1Jssz+%bBRy(W=z^L=tJz6?~4l_KZ
z0+&MOUMmt4+p3jDg~+lJUq?dei&H_X2sI|>oS}JHI@3SY7QQgmz(mG+*nC+;MDc~t
zD;rs%RmLcv^pmF8Edt6fT$hEE5G`1_0T~{ReJ=rH;i^3;JMAK9J@b!BqHf+1e+<_i
zhOSpgpcHxxpCXP0X5r82hB8aIfAW)S`@~u!)t_P^W-|f}A(!b;mVg6<>cwB_P^^<K
zSL~|22r~2K%xzJmlT(~F|GIAW;)y6A+8KGoL;o${;yVk--@}C`&@$~dJO1^1J(*)$
z0$co`Yf);)mD8TdOp+s4CiioL+ehkAY7JKS0~AMRI9X~AEha-_)uzUThWL{fKy9BU
zA0nuU9qo;Dw)UqD)j+Ha?!IAsQV(6^Ms92o?-tDZ%f?)gat{f}RA0{-j%GA6bsmI2
zk$k_;Nwt?uyGdVtZU$>eHOtnQNIw})IVquH4v;V-tvfWQ8e-B>D=_HWjXvw_h>V{w
z1R~+^d_lo4{++1O$C_akk4Pma=<U7$`{bI>4q6|K5ESSeqBes{RlT+Xi0zA<alAGI
z+-l;*X1!b(At*5R{D)tM&K!WhE_Unm#k(wK1>~+(@XyD|>7mm030#<Zc=qke31TFf
zhjxrE_$}M)kIPb&F1i{~yiQz$XF{3Afn!`JiWTgLyCb+GWb^Ef;_Vxy1&aId<8}fM
zEMV?u#3EemD>nf7k=RAIzI3wa$W6IXO{;Nuo8+jR3QOuTuBhQLMPJn6?f4tSJ1Ys^
z<aY15cTWp2(2>+u$<}{9qDPG>P4KPRx>OFLe0LAx)Jqj1e)O-UI}mMym`n!mK+(;s
zEYWYeU|BoFWJI*QjV<DL>x_C^p5vrsY2)LgG}CyQAP#z$Ly4pYuU%bM4AxKgN3>-9
ze7u-~L{j5d?t&eaM~BTR>~d5SM&tTg^%0@{i^fmN2%P;cd{cB@4cB112MUDM6O)=U
zzuA!@&>-9<_yb;F=G^>FUuTX%pugoGGg?bQ7mPd_@VG36F+O_I{EewHas#MIevZAz
z`ad4;zTr-((xv$Bsi+sO5n8HKSGfT%J0n4cp0JX-+m`rW<Jd0z$<YZ4U{1x%b48!_
z|0=S+a!7g9K_m)zXl;@EdInvuABMHJ(|=?82`8-~fGFW<;KIleGadN^1HJ1C;+7g`
zBFQ<(B{$vP0AwP2n}lxd)E9?cXD3s4m5E@ywvW*vC35o;yxY@uQ~RW@xYmq+(5ziO
zHRrcZ*j|0sD~I0^xI`{xW!$YaACT$YFD(RNeP}(Im=w`04>%SPDKpc2kKJybaOe<!
zm1oX3n$Gdi;UCB@;q}X-0q>3C{?>cvqlCTfC;_t_I=o%==9bg@d~QeR8ssi03<WfP
z8Jh_H15j)Bw4B+|Y$mcEP(A;uM-cMi55>BFR;n)835LO@BP%`?=TtkM^ecsQjqyC2
zt~@f(C8id9%ILq6SDtLk8mHc&p`dw8edJvad}2}P$TEpw&=(D?1fsw0Q-c@c8?XF=
zv~2zBtQ~hw6pLRE=>?KWbtFFuZB%4ks&L6%khAAft0gB4ZJUsxoGTj0M!S{!cj-=b
z2@Or<kEfl4zCz_R1%EC~ty&kbG}QtgkMu6)=78H{ua#K>*P<88*dzHj=>Y6&;!^_i
z$IM$>8w=;A+EWn4JTL=BKo$G$x+GJ!?MV`!M;DuE{rbNBfWaa}#vDtJAmvB4jNsiP
z=-tFth%0^RKclx-FnUWx(V!3B*8~^NJEhy0H%i#)B6*Amf;%PQ?S$JhFN>>3*}(Dx
zSRxm<0NJ9+)*sul3)xg&3f`}OOQKcK`c6}{i5O6bONU)*Re@kXRg3?_N*PAa#TM;;
zkfRaTERFw#U=<D0^d`A(6Isjx)7OW_Tj_v+ATvY7fG^J7U7cJ6?rwj9K`X-z{tx-j
z{$C1}m64J8|H=RV_TK*g`&;b)S)f&Bs1KCL1O-wHum2f%*5Cg+OnTpd8k#SrmjV}%
zcXZu>&R<-`7^^2mdVxYi)7WUTH=MSv;(M<F%nNyHH757;l)>Ec%0Hb{w=xmauHZM}
z1(Y|u$iZBI25lB`t#H`nFO@O|pey^IHJA$Z<tt@!yArxLRn-+Rg$82uJCsFO=^#R6
zd;%$bU}?tbA;mfbRC!VMGf~HflQ#p?qo(}goz~kzSa>}pts8l4gZ)|kx5K1=ND*f<
zR?=(QRLb<o-1^N`qQ31n7+VD$=5>W<r$RJwt)TJKG5B&~aoD0>Jb}64Nvw2qcyxEH
z<Ptoit`7xU(FD>~Phl}^(=8*)+n8+!R{-mblE$u%ju+3L&MyJA`ZZhnbW7ux>xb=&
zPOAD15s<jabfCA&$!#${)5OJ;4_XW~WN>gxgfMW*hA?xge+m6pl#;_~6EWVIDTxyo
z)$}!tr7~}G#^93iWoQXayvW@`%g63EIcXn0YJ$XQk#V~U>Hu%d6?jv!ZSm$*;J`0}
zXMUN=pt|6C-gVm^=c>uQGPCEEN7*WFSbMTqS(|Tj+%A)}<0OJx?8%YQY5TEOrnIf?
z#rFF^&$~I!Z9!O>NMOPts1H)eZYn+dWfNGrY-0YYlFduMcE{3=cJV-8mxA6UfAmjd
zA&;MlE}6pTFvMxTTCvxh!F01u?7(e(@CUvweorgP^{{cizoZtBCBxLgsHMy!RPU2>
zRIC{Nxyg?X6KAMC(y1ftv4y2kEz~H6B=njOe*VgBf<fSC|CqqEaHoc28x!>~gfbnj
zq*oLB;s%@=5|FxgL9cdXM~8nT@2~<u8cN3+C~n{VW{XK!vEF{2j;i{T2mzT64ZITo
zZ?7=f5o<uA$ft_LaAvEBdt7E}iRRWewO$vPou8_BTvkwG^9_)_{DLHi0V86LL$GY4
zIKFnqc^za87i6v0!ESoAu{HXHJwV>CSi7w=2*5C50sHcgthamkD+Wjtc&vh4IL_p`
zoe@QHAoRtAb745d0yy_TB@ib3-^@G-dU>nuGIDd)`up$sqvy#-*rT}q=>F?^*A?%z
zUF%CN6@p-EK#4^MD-OH;8D&ybyW?cZ%1Qb$)pg0jrKofbH%oS`3c_ipod3Pu1;wBC
zTkhM}q1XJJUSI0XLhT<V-)#q8Tkc5OIG3j_)wOTA-5`W|CJb7spuiI^oDyz`MG!TG
z=c?cA*FpNrMS>_Ts5HmmD-zf=^Ww(b-eR1NLZ)8Qn`)KE8P=Y`ZObu^T6wsjH>fsb
zlC&-`5ax}>{w>v<cO(?>ND)RPL1(q=2{5h_*lH4+vU#2blt_<O>gtZ6163((3kese
z2s_X}WxQf%xa6LX{sP<kzgsat2)-{v9*d8o?*Ur=NuhqQ!(21Q|3X-cIez~1lQ(XG
zBO>6^0R7EImil<T0!1h11KAvMLFE7g1BRWV#hu_K2GK(V-UZdH1)7UpfegoL&a=7b
zCLLhyJ>av9eE<n}Jl{nR@!)_~c*(H5#+;STUt$cFRTOKN@d4xnjc5L)MeVVpU)a~P
zP^W!@?&ttdY=?jj4?)X%Sv^^^?DBSXJNeJecF_gPDn^lzL;QRIE57MBlWZt-ejj0!
z;0!%ILo$ip!GqboP0Ol!sh+-`994=`(_m2h1)S}C6X+|{WyVb2+~Ec@bJ0i3iS@UQ
z^0GMiGDr!3WC$enSmU^S-+MSDDSH~8?a=N*PoHMDz3k5zo^?^_#genB##C94hvm|N
zLwj^kWT}!*-Pce+yJ#$iqT5D0Q(@m2UJbD7{d&X3Ga2-sE)2myLK%>VQOwIvQJuqm
zEJb(F<tMwLyYCE%TLIVpYm+3RshmW%NW)kWuyyojj~R#yuQdfDdPtUthIx|7BSn@7
zkOoR|Ay$aR>teN6uS#nP2EjVy1_Ij4Da?%8n&gtoz;S!y!AF!zkbfo9$R)9or8n9S
z!)cOv;$dU_d8x8BQffv>4es1h-18EhqnNfpsD~b)z7`&fEmjVdN#`oMv@wYjH~j0m
z{>d1#@*T5{#SG5I-myFc2c1zmrMhM<1-Q6WIvSpG8rT_-my&cj_}PAJg2&S$#Dh09
zV=WYtjFx3EYAL(3mS?A175S@*voKX*pfn`lR++}oZ|^`9CvLx%JUm|98rQ#1n|s7o
zoV|#%*cWqr7emxsOTjLL!!436A&6Stw$LYzD*~&N*NNd!VT+*WzwmLadT%QuD=Ph{
z@`Xdn$HuYlxV*W(FFB#cOhedS2CX{MKc=iAk#kjZ5zhbO3MkHLeoW#Gty7frrRon5
zCt4wIYR}VBk*L^ARp|YT%bvnHCCa=IX$DSQ#f~peJ=3C?R?ql}9<DNm&F%jx1Er)U
zh6n`Lfne&vgVOUgFm;U<LKDd8sp?<JKeH5I&`kS2UFbiH3m4y_OoQ7E3v^A`?^<#<
z<bQju?MQ8v2UvLv2pn?5K!2Vw)!dQ7=Q|<ovQcnYhnSpUj5x`3Fjziu7YZ4Sj-r@)
zDXMbMVllD~VDxkZ$BpjPuyV$@)gKiR!2+KRW1)X9@sixbO?fLHRcega-wpCKc(%7Z
z`)(qrl8A<9HLOxFz=bvnkd)(7&q8Q&|MH7I<At6La&skW&>Dccw&Fjzdu)|zzqU4k
zL+uCjX5InNawmwO9W^P0Zj2+zL5kK9`MYD<g18~!Y+OCqwq&~6>^(aW!+9F2&w$_7
zM0dxR_8UFrOW?ow%^Rqq+I&2N>71LrPajONGpoOwqXcQ|+1`!1qb15e&@XuuDy;JM
z3sUwf0?Mu_`w6xxhiR>hVu1Eyb~>M0iMw^FYyOhnhy>*?0&_d;pJXsVne;QrBxhqO
z-WuO=_hF|EhlZ`!tvVnXBV>{xE>IRMm=CRe>Vz!=$JYLY&q9QSRTcv-WH@&Mg#Rda
zDA4G&WhOsc>O`6jR@%RQWJj$`CiGVOgy$3Qj)M6%WMyG#oJ_kz#~}JuK14XG{!E>p
z0{Obic8UWh?u#sshi@Kn^dFW}>O@_zu0g|wTllr{L=Kst<RSrA849vxB`~}qaFRo%
zK1`8$#|_e^f7_%<G0C;>vlT`}Jy|eJhtp7paa5O3?J1U6?dDc3Lcr2-=#{$cR)c)H
zA^T`<F^%5F$=X5+A!jMRo@ZHI?2*by=h+i}qP?iKHt9=D)$ZD;6n&vJ84R;6I*jf<
z(&AVI7X8&Gm|aByv6wL{4A{@=pT~U|<%oWx@xKUr2k1z<t!p&4ZFR@CZFOvRY+DuE
z72CFLqhoa39d?|KebfD(bH4L`|GndmQKO#ZskQdnct(xAYOgt`lRolqvxNSbqoMhG
z-u3%zl8oaVNWG=o=9SZyvixh3<7t$|RQ9Ea(QQY)7`TPW>AmgC!}nWIoXG!sEBJ4W
z6bl!}e;8^x|4m!_KU+agP-Y-Nk^-=4w=RJtVgHH|L?%=&Lf~ljV4c^;6EWW*Z&O?3
z*4m8SuSp<nLzVca!po@k&TdZQ7w>sGF4FsH(HVmcNi0_ux8U~UH+P9%5@__jvD}00
z+qWs<^+tnl;ZGRs?^X9lkH<DGFnb>?wdwkDib6^#%mfk^&4SlBZZM*iyMXlDh05aY
z4o}fD?Ak+Y_~*{YICpgqPT@%vwWwE<+iP4`J~`YVJ@u>f+fZ{K+6l%*^wa#Mr|6Kh
z1S%^mRr|e9k^&@`Mn@>Gea>}~WjsK0=$wMMEV}I$Lb-jYM)AeAuPTf~q?%t@4G5iG
z=LmNLeU&T_vL>M$AxWnzlK?w??o<u?zv^}dOBzm$6wX{}JS=<BOLG{z`%szMzF!L#
z*H2i#z@=YJqK$q-3)BOXEQgN$-MklagE8E7kX$y`X+~M#2DgK}9sI4Ihx})7Vvh7q
z&Pq*vLji9L9{7?{D^_jAF;|2GhLT{@Zx#u@s01hUCF02G9ubxu3r2ty!&&-^@$DJO
zh#}I@9K}Z=&(}%f+8X<m)JY{VQpi_ByF{*1jyU7zoZ4-|NHccUfTHSbb#%z?0{&DX
zyY8)e#=}YMsL79W;M-(<Tt1$M<&M?G0x@LtpIQZS9HpPvIo_HmpD~_od7jKCACMc*
zI;vwNw~z$_c3O2*3*Z4g3!_3U3<~1(MlN#4n^fBRAP?5prPoYOv}|G9+AP7gaN<~T
zPD6YIF3l8;+#8WlX>Kz!$&G9<KgiL!6~0Crs)joOQ`fK<2Nu~wB7GlJ7%JSsA`Fnm
zL0;(kqPY)(p|>PH4}6XmY4wbctdjUB<IRF$5h*+;k%#doYuW-_+0e>yi>x`Au>989
zvf0IDO!rwbfz+42X0HYEJy%d&`zpnKAr}Ijf)#AZoF)-syVO=33}s>IdaLkHq;Vr(
zi6Hi01HjGGXGPnpVDh3he0`vn$W(^G^gh@v6Hi=#>Otd!6heF)KxFy_Q?eUHME$@8
zgNVz~r5Fi&Tek~<nDUbPEt;G&n;+PHLI4}H;kb_i%_DY6$yZbpR+t}$P^f%*9q<Zb
z03HvWe;w`n9r)SD0$D(9(-Xq~8ez-L2mx{xPv3^9SJ1Z)w^zaM-~_pxE0T?S1u`sb
z8GWYcBDe5W*T#X2Rtal|a^t)k+7Vh(3VJ->y}NMw?fn>#2=%4yY%;&<(<ZM|*&Gil
zra$?19Et_&SozIh-ra(wGHBgv-psiXfgD->s@r^x5|T{gHrb|tRkMTtgfPMItPxto
zwx;R{3$=;kPv)~{hpcs03%}dJeUW5{ex*qxi07VKq_!R})?V#=Vhm%@JYG#*ItIp^
z-W<l!WW)l%r{7&zY0Jl@nHu&f_Vx@ZlbQBd*prXz_6N202T`aIEvh?)qqi=o{DJ|D
z_|nt)vT4J}mi*#`f~w)EU>`>{t!fx~k12tpRO5;{q-u-oK4baJhhZIDi&oN!<GmGl
zDKc3TGA5)b1k8pV8+>F{2ambVQEjAdWZPm(Q7)<gAe{79GWqe}a{jM0(>2=gJHd?~
z3JLN-85HO%5p~!sl>#)@?7_Hh;8v<ei6uw+dB5ZH!-C_c!pzW{<ohx<DZkrnP!PPv
ze?2}?S3R4xKT%pq>Y63XTNWD>iQFuk%>71KWD3Rtmth5hfFr80d!onasUih7rbl#g
zX)V+P2t9qSDOg=fZCyT&_#mql&QuxSjKDa?6z0n}!|eQx;CGF{23N=ETD?HDiv5}a
zhiN<9?;lfC;~#cXgmDXdC6g(X40_<u?z^o!*KzGfAK5|O(Gi>hP8iH0|1fl0U5J<~
z1<mPDvW7Rdde3$uWT}MyOL6!yc&=imD?u<G(AX-}2XYhPgT`!Si|k#e`}KX}CLXI;
zwZ91R7b{C(;V(wc;yTyf<YeGJ2;Nz#vPw93O3}M?2{tGYq(yl_6VCtyU?xE-Z@~9u
zu0-&&m~TU%zwis`21;vy#nIIL-o`?@f}qhGL3D7FEPBk?%!7WOE`UP0enngA75g(j
zV2!+BZ{KTWAsu5@4nZULJa_gXB|iNOed<$CfWoWYH_wqAj)&zZz7vT4D`(gkFX#_x
zgqTkrbk5(?u#`@lA_sV|UgPhYEReI?5yqGUF1Jegyg6HdLNx=iT{-Q<%|Ls~H94!R
z&nhVtx7fbB8)dcb-W8<ELCFzi^C~9<fXFY<irm^49{gn$l&3AC$c=S^7y(-_F4ek7
z69V7Fli7{y88!M`po1JMEv)7m=^aEz_ilZamyW(z3#`(LTjeYCF@GB0PY>X^?*1HQ
zHx|yraI*%4K^(Cv^>pG)pV-Q}v`x`)ZIGZjSrR^yR?3JU$CLFY|0<gizUr@J3Ybwm
zh1@TcK^UPdHHAyY<31=Y&wyc`|44xpRuMZhzMx4BLzpD~q%o|83e*xDB?_1imut`d
zT^cExOcL*yY_75&<|dSausU&ZjTUJ}Cqy-yhNdWQ#ao;|Vq)1zzXy?R-fM?kTtGyA
z(q)H`ZH`_t!v2u~Et)m<<SHie00=xwJa&Xbz)GlBY-LO39(-vk9P`@{7JJs2kF45@
z><tV6{8KgN8Rz25#Jc%bo#ofR@@&6_fx_;$$wjmDbo6AzxuAZoGY<T9x$hR3&4`6g
zW14uVy%JSI+a$jpH1964F!#_fx_aNbMHq*SV!5fMtEV4R(D(Vh_4;9<1)!CxQCmYS
z-L2q#?ewN=DG=wmd~YClH*!n(#H&+<g^fP51nSAGp%Z<ckrt(A4CD96*1x4Kq7jK6
zBIA1;`po6Uc0_Ub&L6m|?f8TF*HR=M>dvBSmAu+bpbXFJsS5p0k&g_}`^dZWPa5RF
zkN%McX<#;6uP#G%(-RH@)C8~^5>dk=CNpG(K{~-rX=(BoS)ODkEj6nHF(9~LG-*xq
zX>gLj$rsla`Ke`vH5=l-WHtEvI6uuAb|<Fi;m+Cka;x`Ij2X|AIni0&tMjha?23N+
zg-9+e#pXNVG4Y7vv(!GzQX~uqE5%yclx<5lzqh0_dl#lfM`XqX_?_%68S|AX5jo%(
z-zm*4n<I(Sgx>m8j3ZWKHWl_DJdR+e{rv*;Hx1RMus3gMbnNHSX~Txo&6^`LH=B}V
zJP}-lr6%=}*)Qi+$5+9pQednT_K&;2&!SE$mtHO^e+UQkUuO@WQ@8^q3+*wi{$xQ5
z<c3tx!_PR_BPRZUO8h3w;t}UQ;x&;^^x_E`(%Gp@;)@m<E8?yKnf<^`VOSZoiS)eT
zEuQU}#b>pi@+HC+<b?AvT(;M$&F!%uE(6-}T2n52jKI;l6~yTj?zOI%eGCNq!AZ<7
zPM8R+#-54^b|-P4F)eh<Xoh$m)wX}BsWd^~rXqD!OoAf-Y?vQFoN-(pZPSV25HcR3
zSjTvx>7gXowWupz6l;=M-9&{uYNjSe>_lLYZrki{5!2)W@0ze?<v?w`?QgLmhy(ed
zhSNym8P{zY0p8Q&(`!G{IzY6}E1n@w`a_vkIlY`9(!WivQQScyAW9>e`uQiowiuE!
z{G4uTx0GrJ5Fo(yU{14(AUm8&r#E(`_qKI;#HerU>iV|YKvgJ-ySblV=6u0Gu?9#K
zz1ow~l@;$I9UUoRkaT=dJJZ-=MfHmtezuQVH@lu)8F{ttV`KchrmBR65@g~l<>@I<
zLqRo>hwt;o-&4%ey3gy_=*{hy`f~1l{mRd{op0(32nTjOEnIACZ~vD00y8tr`#q0N
zNqzU`1(lX)Yma$${^+GYX3NOWxteiScVp|iDFcf~z-w!RYhjENAMk$bG?mDJw12I>
z*K#?tOQ5koq#}l<<)JYnaB{B0?j^iG7PX>vEk9cJLo*lg!aUOyApI4t!q9#d&5Fx}
z>+(AaAbio%Tl7K}+9DK*wPx%$P9MTV7$Q>%M@d`&)_qHG&0=C61y?G9U2=y%PGxcr
zaD^E_Le|0ID$Wzo^>C&nbj_X}gzIMeb8S5aTU;QH((UL8)ofX|9_!g#2*@jLNRd6p
zh%JJx5>@7VSlQS+FarRkjccs?cizBi`|qENIhp@eEyl{k#`d3^|7Ljpuf&1<BX1xF
zXnx3EN??uj9BUv%g5+ZzgtHE=n;0xxE{@pxXvxyA@rW~1NTL}>s!B~n{_e1kdP#m8
z<#+xe9^GhLUk8f6=Ww9gbDe!L<-PYcknh&`onk#AY#DfuUXV-nO!>Vab#nZaLm4@x
zGD1sEQA}wFH<nx5j`ADhHr>YlG`Z_GKvyC4f`W8d;CgZ1ln2&miYzoGEW-J1;??i%
zT8Gk)S3JsibF5lh-Y3#HE`8}+G1ZW^`pgo3BzTh?1%ew%);i>EvDbb%_UAsf^KY;Y
z2<qj|e}N&m#j#hSR_?fI1^OLCC03)~>04tvdL)_lL7lY9dfRv|W^S2H`RwHAb1JbL
zbwo}}lXj?XsGMMz;00=|TEE+tXQq<567M<gtdlh4AjeImypQMJ%`KewGf44LL>2Lz
z<E7IWDAC|4O+xW&hDjOP6muZ}+YAW-9ZeJSi5+C}o8Ae0r|xF1he*ZQyzYfDK2x4Y
z&9JZCH~>q77b`*IJIK#zp8EK1CpB6Nk0M5axQNhy(H}kCZCd)e2H80aox4A{ZV*K@
zVyb2fzo0-bJ{HC3CRfL5)f1%;ft@Pd1xwSsl|J5rPYu}h1}Rpic@;H^IRNrVj7b@u
zZ_o*TpI0($|ABx6;yIjNx3L#Lw&~cOBn;{jnrm!u(^#t@mFImu9V5$r>v*w4k-_>&
zf}{<^*wT)Y>?=ks@%79(^Imt=J@Y(%|KQp$D;~36wAq8H@Iz3vpNup#TABQW_L_rw
z*ES=#&MIEfW|fqF)EEwe4}c)lZ!DmeEdRuO_Y|L-S1zmdjCCR}I^#3<buwuejo|wV
zNM@BpXT`=bMD>J>H_UzlyOtIR@tK(31qUX9bEs-I5l4fNG`To<n->{DlJjW-aH6>g
zbr<Dm)E?b4MZUZi?N^mdwir6KrnvU|dDe&i@`M{fT_0+51IWoR10V@rpgb)ki9=l&
zzY^s-=aNT2_783&Wey5cuF5v{hZiP7fb#cny0F!vhA$O1r2~PZ`}hOWqBI@LA<wwz
z;(eC<_%XN;Flo%zV1pP`qWizpU?nh$b<WK!UB#AqxI`nUX1l)_MD9`BL!ri6$Y#Yo
znfiZf)?oR8SEdIR39!Kv1CbEPQd=<h7a8^z*1^d=#NJs{haL=QMw`va&Vme&D`*=Q
z=BI)r_NM!3%;_wo>b1B}qC&W>NZQRmp5D7{ZaWFDop&?tdy2f1cB5YbPUh@Shqsul
zl8QzQ%qasQYeC9aLppX?1?~4Y6eG`0m^l$HJpQH_JP^ou2Z-qbq$mVMDfJDb{JO3r
zX0&6kMxEkC`h=%Dv2;>7`M8AkT80j$x=rlo=k56Rd)kMY27~jG=|eyE<nniFrac38
z?`9Sw7H6&f4EFW5{>=8ql)a=s;*<K`W5)b>R;pxKQgV$}E|cU3V8cd;j2$hRkDLIM
zt*jxg0W3MB1d!Ab5LO_g)Nb$gEWtPqcl#HyVJqc7jIdfTy)|rgs{Z`;A#UM6$4}Iv
zgxD5gRq|ajQ#mOF;+dVur(1mv|7e0F68h%An;-+#Ib$%d1LyA3+QbOmj2fw^QsJmv
z^i<d~4(eKoom=h)R>P|sX`ggXVj2I&o8>qc)l3)=2BHFrf*YUQHIqC3kuu06P30$C
zrxl|~C)j-95mNVm!z_pG1>M6R^E<LG?|OO8KBwKiNiWKGDh75YJbt^$rT~Xw6LNrj
zNg2jaEj(1({s3$E#t7^yOX@5T7=E(0f)LMAYY5oV#z!yX$m7?w6=c(JJNJ>=tEo@g
zQtbmARd{1M!Py+53c4UM@F^kH?8q&A?W3RcP}FXUY09ts^iiDceyFF=lCLV?lu^N%
zrDWc{9k`G8%vfdkOG$=ZjwfE=(<d$o4p+`(m;Qii3)OuLa{rNsa#u_=fAW362UtUh
z`~$4fRAlN4`og>{vOdKb#@d88&q~boQ>YI>@`hp;o>{);n4px01L9&X@EZ8&%%qIx
zIcN1IVng1LD0-kgTm}hC#o07&LSA9QI*WoayFq=n>uc}ExL!PQ8gD4Tiqqk`I>SA)
zx&XD!ZJ_1jf$EH8KyAT>FGT->N6>GbENhKdx_aW0=e&w2igzpH?Ei1LhBH8kFZ%3r
zd}SMDt@#`F8OBLDGmwXjwy9X_+Q)(braEA)I`eBQLcY+Goxx;LZ~-f5Q=lRnrP^)q
zrX50su;+HAoE(`7EjFcTZb}2gX%>NmHmw*Fbt~e!<z8RQSX?(pEpbDKu)S-<N}YyX
zk^;=G9p^<Et9<Kw-dF)Krw3prMA#iIe~zl)Ov%2~T;|c#NH571NG@gGy#=0wK}wAd
zr)K<^_gPmQJu923;utrhJI}`@;_*$W`(&}KU2x`>E;8Yl;jG`!_-k~YaS}`w6ts*=
z|86>nsIRf$I097mlV_R&Y6Kk+0nsODCPiklXZ|#}b!r=_YR3C34)XvgJa{OuA`Lvn
zVu<(Pq+6!tQkcAJ%kEmX$D{SA01+6=SwC=+Nz-`-Jer*zHT%7??*Ti7N*lNJr4++B
zP4*k|S{PoX=Mm3U2@_3V->O`DL9^4teN-KEsYiR1C|r3OzFoL+3|Wpqgd38b;N?+|
zY`_#^pHK_uwu1_F8|DBGnN`4!V=c?b+gH?Y*MGexNnp5OILH2q2n_e&1eHO=W!H33
zv*A$d13L?uLpEc$hxIRgu44Y->Kpf!@lujU2rEy|(6dh%O4T$!;t_R(o&K0W$@Hf{
z>aGM9IQu=N<_FjO?*&VOLj5ZdhQH7aHW&Z>mS8dZUi}Z~24IO`3PLt-Ow>t)KG;RH
z>U<Cd;|njjX7Y1L)d&rCliyUA;J4aoYnr|sFe$OyrDLu&y1Tj=i_A4G8e(%MU9XfC
ziBu}#&TB1&F4Wj(X2|eX9OPQm^D_IE_wDDft@rlc&9`5h&z-3N5Hit_LdCgBkOa5f
z&)+)-tv_Q!u>shJT-CZy?0<6+F%u}Fj2*YU%PQ^9zAb$c-80X)Dw+$QjTa0*W6*F%
z>%dlJfz&Ib7FTj-z`M5PrNJLaP;WzOi|OBE6;q#7hKDVntes>;O=?~PiT^%O*QSzm
zi4+@D(jKaZ*JPQY_iDsZIq91$MJ}Dh6rFxiMb2Qt+6W+CY=mklGgZrlvmt)|d<2RN
z0jGy-o4=Cz`!NZpJr%P&OCUFx2{Qv%E9Txd<$}ayAs&7972~*9fmkl#74I)><LDpQ
z#=lS-^>BdGD)VHvbE=)T39OYdvnA-=JmQ=%tXN)n?}kb`y8{D*tX|>Cl|zkfMgU#j
zPZh<xmAuPrSb0yc9}+?Nv5?UO9DN+mn@C;++Gn(za0?43=$l|2>y@MV7`VFGAixU@
z@(Ra4unm#FunnS(ZjdJ>>@Yx_eWrH7##rWb<yGq*a&M;nh4`&M*0jL%#1kXnLzRls
zihN9eA`Chn3n|Y|mjEylISQC$kvC=M5sZeq$85dMw01W5v1?a#{&{G4sr9JX58r5F
z&~2BvM=y)$7tPzjS97!}O?u7ArXg2$HFv@a^B?l8&pM>%jqYTRFupSP)qU<rEHh^6
zT+v>steS$FcQXWH=7`>dDT<m*KP7*ZeO0Obbl*>y6!t03^^EGf2_+K%9LbmxX90g<
zCLjf=MO8yf@0nvdGYjF$S4g|EG$7mWT}*7vT1`zOy8M7SkGl~fAgjMe*2ldYjtg0w
z$JJPHFO9p_gsk=6pW+=MAl>CS5r>Vx1ZnR1TPhIH|FP@-WQP~<?_Kx*Y`Xs~E6)PX
z#mNrrvT_FH1TtBF0unpI181xZ2wDDAb|}LM2*5Fl+S|F9+POHBF#iF2{J95oK*0E8
zMalBFuH*l-`m0#~*YhK)y^$3h3m0(M%94`x&p!WuwaD`C7XQ8PXJz@v_D}czm+fD*
zyZ>&NmE(^s@YNO*l(P}tP5}&zo%7Efe2zb-4*$!W{SS@0G91u<2J3InIsPOV|I6kt
zZsortaIpXF4aYye|HoW#{3&wzKWw@G+H(HEzWlFt|DJ;Uw=E~@A6rb$|FrQxbIb`;
zcHkuZCm_o|ePsFPKh}R*{up(M11SUhKQqtq&!lqvGhZD4Oeg0*Yo|x@(X6YT3kfqj
zaNdCzo$Eit_}9WPa{@^mNr1DC6j*<k`_E#1<Xg%t%y2A!+XaF;VgLCU2pfO^q;bRq
zwm74Lu`>V5ixQOm-~K>vCq!6QZaCJz9r(8!7#rJ%0r4L%EVe(v|GxvcIFkW!obZ98
z&Qc%5ihqJ({RvF^cbWd}_MZU%FI^=4yGZ{(mMmC*m*@Yo`cH>BIsP*?ZXl`)I?&V$
zAB>9?7~@ay=aT283&z6y@c}0&3lJ252Q+pWgHl#fQIHjFWOh{q1?Oa80S3BNgRwIK
z8QpQfxY+*jWc%<G0hYTH!f^f(Gy3Xm0UUK_fRa$s(9)J^e0IkK1@?JB0E>O;{$3Y+
zv4GybG#`Is1Mz(DKdu<S5l>W5E?|Hc;m3Qfmne|i3kUe>g#o3gBC94R4aD|t080C!
z0_$8M8aKQ>z`(dT{t3<TCv;<r-xBDDW3)dZ*av~(pU#~56Ml>#V2cvS5-^Fz`S)r1
zc)<VlWN>mO4ze|h28KfaYk0t!h+&}ZHViN$(iqeZcpo{B#`*Vg`Y#`@4<7(0I~SLL
zfU}E}=~r7gkF0DDPhFLjj=NY=Z+jhUOg#BMinV1cYr;ykO4lJ=$^&6xr2|hSQc~D>
zp@u{dQV5uMrWsb4pJId#L{{0eEy}!WKeCovO05@$+wXPoz3qB0wyrw?K7tQH(`(*{
zGtXTguP9M2IWjJSZx}P-X@K~mkaI`oFyrrst+?1otk!7PH16;$FQoV?S2%MRU~)eK
zsgcwg4-mLns26_RrhYwU8weQGYM(4M=}GOJ(SgV6YUE}R;QuHv<MX_0AeT*@LHd&W
zdN^jY5?>TvxBA`wr=YTE!R}9E5hLKe*bqeN=jj|x_ZDv{O_`e?L+^lR0ATv=ol{U4
zB?sTwmvi{hHum0Kel@X;-BRcGT@qnA?*h_AB1C5~@ppRu4oVaIqn<j4dzd(>8LC=~
z3!L2KN`0Nzr)O({G|u;GkXK%4Y%6R?di}(DRZ1NSKx(7Uuy-TuPj(~5`V5ckRmm=e
zF5y$kWfW&v_n-0uL1_R<543Ao#-H>9nI4&!q*y3DLli#=2jW)c=sv%|Y8auS3fYii
zq3cAD4{;b#*JrN^cgdc9PC@Ss#|*~5BC5~Sls+X@M+Fm+a)31-2yh@ZLnRBOpg?Ct
zv5vs`Np3{QoE-j1pMnErA^g`6=s?0O8Z;~=S-eLG4B5jFf)NFvpR~)t=jxDj$oI>}
z=Td25;JHJq10zp75;c;+^^51|IJXJ>EkkjUU-9b^*;Cwj4Uo8-#5>{M=qk!sMYj~8
z_vTo3B(>(tra<%l{y1Z$!JARW=nZE{D(^R!XlEyvdES^Vw5JJ}?FeG_K~IU-=yg{2
z8Mf&c1>xvC;W13WH`FKivw_;IQeIAOLDwIhUHc6a!z<(i;=g{IEKg`jH#V4IetWuG
za;??Jm?P7e!@Ux@LbJ%?!Gb%TZH-GeK8*HUe+ZCJb9~@8F|2`~mvV8@t%vU}AA^~N
zBcI)tfGkR8OU9XmlNk>B;I`Br?|~%0DuE!u4ivL&Y5kz>>m#$`L&v%%g~TU~!Shr}
z=QA{aIONKW7FkiU+eg5$BY%y?EzSdmo-K~=E|J^%3#j3Di$;r3oqZ7x1rX5(NmeHT
z0vg2JBSU{Jx(gq25=Ez+uTgl3?c?}-MwKB>SCmPQHtU9*jWJ8_#rZ|ODPUS+K*aA@
zP%r(!WoK*;xK>ID=BuQi0UZ}Ak%@y9<@=0A(9?D(J<qI258-C5l-Z-iSeNgNcI>5J
zd}=R+z-`eELNBgAd0^q>>wGo7&tYZI(*&~!QrTQ%jnV^i2;U>wxb90^;4cR=&#H>r
zp_{iztqJmFo$5kF>ni{29xOh@rF`4<lc@K2v(Jx3K>cuDl&6_{aF@B_^{KDaw2PNE
zGY3$xqQ2|~|LDp$$xgJy$dxE(58eu5qx{(F!ls!RnzG-&iL-*bgtW)R{87<T&CwR~
z?8aHIx%oPc)kTvhnj>5hANF-l<Au0CuR}$Gm%lrH1Ep&n*Q1z-Kan7rD61QM_RYz;
z66cNwAVghU`;D<`7WoMBi=b%DRmTO3dEN5;B^Y5$VX>7-3cFKAPpGMZbAAH%kR)p=
zgAf_p$uGVm7(&1UVr0JImHQE<qZt9<<|o(<4H<Z=Jr|z#dL~UQ{zMz1KuIrgmy_g;
zL4bd2j^ilbs^O6I7^$8(hZI<aZiq~%zGOKVfQ^`fW^xI$j|`%vp+H?!fC>tW-&WKX
z?YO8#?hQQy+?-4SbWQBn*7SsSV$@Z;MPUjq3w;MFo|lS)fL!;Bsqbw%Z1g_(6k|7m
zoWMCw|HEaYAsl0}YN;93ybxAAt|{ajrk^-;pH&@=SL<QQCTSFChFGDfVz^m9$k?+b
z;BrB>;ATR;X5CmFG#~%6j`;YF5A&7XABk<_3S-{kJS2ayu)AQH$~w!IG72X$fVo25
z?3jG?xsYjpT&{E;3}Y}XL&hmcU#Y57Vz4*~__?7`!gUI==K;~h-}y%qy+QXGYSJF=
zXQKQ?sM^I#IfZhjAeIyOt6#s|fXDtG0KP1+Etw?&_A?g(1|#i<=|f)Vi)`&Uil{7~
zxzF#2naFMK98o1KC@!pVo!nESv&qD)yktbE?QAp@xEcq<d?y}=$)U^F$K#Q?yqP4X
zMPI?VdyHR*`EZ@nD?)1cIOO!E4)wAOa+yExIZT@OF`&)ww6@S5)*75X!M(ur06s)q
z9PQR6!xtj-A=xSt;^Ukm8{UgfDME~bLPO7|*!^T3=js`2OvSP=_-~GNKv6(v;rnT~
z1$Xc}4eAMIB{9<c=>{2C7x1~86%0qHuwz+?FTqcYrz9_jVlPM-GNMYhHSabr+n<2o
zM!|>oQZuWGva<ON(Z6ZNnJqu&|A1Gf{Loe;?vaF=Qzbb$k*GWzYL29bYZ_}Q%L{R%
z=m$LU*6WLm>|QLa$LXaqF`K*d+gtRc547OUXacA+82a1^4^NKIX4ygz5gu4uINnkU
zjf}<uyJCtQ%~mR{x|L-U3`OG8!OM$;kSKO^)G`C3fy7FJ=cVhGM`3Umpptr=&BiQY
z*6v%9{m7n4M_KtLELOLg+qWPkyMBZ;WAavfmWd{8%QTT@BHm3+i{&ypvdStk6}Tg9
zYjI<p3jUuCx)WxCSFK4SI|*nM_fn%SRD*CDU`IU867e{=)YWm?XC*^P&zJAq%4kzN
zyYwm(&B~8fUHk3mIvjZTfLpe#+g=+__+oE`V%^&Q$3?TkW&C~9j!w4d5a;q4m;K*~
z_g5k!YRv=Rs>&SsoFQv^_|eg?u)4-)LTY~}6;bE_OQEdtSg7C=qY~j0LAsYW%^M|8
z5@x`M1``M^F{MegaWF6sJK4LQwHm0v>8Z)(haaJQ$S4iqspgjJ0E_CJi-&7^MEZn1
zzC7i&_N6$eD?e#Wn)8HLSLT^K^0}QX5oyVP>mS_ff1&-H{$0>%^kwJ5M>Xk-z#@hz
z{_?^RKaG|B3q_L?(dQpI7kIt6T;#`suFXHNxRAfdb_`}1Pof{+&9a+tAnX>$A2;1h
zspf&<j<~4g-3lp@902q|unIkoW_1wpzg?hjuRa;WWI^<RIA}}SLn8)J4Vuc1hxmBW
z*eD?~t7vn#GP_3M*uQ1QQ$#gO#8|vfq=jpivq(;hB$lq=HQ$6C(X}@`&JL?=HjCO8
z$jQoxNT|c1giheqM1Gx_S-f8Jb^>u*<L(s<I?Q#nWi^b7*#Ib(QO#}Ue`Vr}^Kpo7
zNFuIdwyIYG#4<foy>9;eiHeRjjs?qJz@Yw%bAAjzd(`T|UV?&*pBX;WcQCpz`}&G%
zgD0}wIir^J6_H!K1D)*!lpd(8@mof<FHQmuZpd=a$<#-ti41C1vT!Xf;>V|(k}RG8
zb}eF|LNKc{>1{x#9{)ZfV!@l=77dMo_u7^vw+cm8-h1$Gm6_E@z?wu2$Jk`k{c1M;
zd1?wD$IsX76vf<kwZ~=JB--oM*YUF{ZQd~Hz8$jqXq)NA3V(>QrV8C9A62q6`03+@
zE*3+qK$)oWK`EVt+UVou4Amg}KI$?JLq&Y&=<g4dqh%jjDF@auc_?Wz)q0nh9tyKA
zm9vXBCK2=(W^ds3vzUj-<0&Qju#e?yECI`?G>QosBpTRD`{AmDxcjjFu?o_$f*aVZ
z2oaO+J1)$kKaJC-bFmuic4rW`2k=vr&bWuUh2Tt%KbyWNCsAp_0*iw{{FO<|TGGCx
zUAhICsA>T0A_mU&NH{66WK#1$`h7H0bgJl~hD8)jsgK7-?QK()*w@I^ni*Y$x8Y?9
zqFCUCL8)k{E&FaiNnRo<Yl|Y_p`&C71+;fzNA7GxCXYr#x^+RYCx0*P*b$h5u_Bxi
z480Z{j+i`c?@yh;#KX-4I!{0i&4z)AW>9F^${Yen*9C+aH;yh+Y-B5|s~a>9PvBfA
z>X)l%!6-WNn>+4RMXORRkVCM}rDu3B5)&!nKoYpZHlYF;kZ;rw^{}{;y|7hFZrhuJ
zDiUMu_=2&FU1R5{R4^lcKb)!xg^f1fM_p6D76;gIwO=r%LY4l2p&Mp6Qr1^u;DDkY
zXU+liSiozO`iD`!z8Ybf;2#g@E^A_h%Fnb{`Q)Gya#-mF3>0)q4tA^hE(z-6Yu*1)
zkN*tOAm>{31w6@cAOUfminzPWV?0g@DF*Ba>3*|AU*Dxt$U>A(wMx);Wg>u{bw`*M
z7jb@~5PFt&R^t-qOFcWA);fX+tu{qrM)NShiUb-?T*jzLqFQQ3Zju3Y%&I}A`7tpi
z%SpGjx;SLoi=gup3+ocX1gj2`PuLa;30ie5topv#0j#M*O>(3fR#FC>>}17I+|J~7
z-uFkVAgDb<{B$6GdG^?>`oVBzR-DAwwN%|Uhg0yL5fr+(8MrZw5wmNSGLddn4A2h1
zN|vi8pZ*u|I0-*E$eEqb4?I~dZ@;?up9f#(#kP?6DS5*1PE-?Vl&oEDIqK3SHvIJ}
zeZeYED6Nc;uYuXsM3)egZ?OQKF`hD@13F^@-{o39#L!G}EARy2yM!L)^pIj`XK^v|
zHRY+oDU~xWr4T`8Jp-5VWFw1{>v0!=;A*`LR;f-=FGXiWxpUs?nA6ZBa9`EeE~G&U
zPPzy^Y3RfivO=Qww;~BR?znf+T*HuR1VN<*76aX{lA9L<Axi1b5ef7WudPrs{q2WC
zt4Q4{YgW`X>~LBY+h0B8vpP^2uJLpSkXO-C_K=Q-?Q(^VSDae~&*;=bFrwfADv?IC
z#Y;k(2BwwVz57ElfbFI_!+Hb74UW1{i5JNzl6wz(PubG4{E_8VpM;#JQCR?55^JBT
z5%@E0lnO`$+6W?55c6exZ}1D<N&%bUt5@dyxACMJGw$-ftf^ErOF(|QC&m=9U_b4r
z{Pgx|{QFFj^EJWAvxAo@ma||$68?Eo(iVN6)H(Qcv@>g%CvwN-!u1071Sb6NU@5Ty
zs{{HR%vZ7fd~A<oletmTWm+h_NGTJ10Q_@XswUcQ!`{Z2r3ctTT@`KUV>%D}*sx`)
zDJ}-<N?kcuJZk<%zt<F*FDMgu$7B^8Rw22nlyz4KyTKya27Y&_etRo`z-h*PU7;z;
zUFp%&VG9MBzHJDan;R}!IU^-667oi-R$+(j$l-V^sF4!cBg&D1_DqXTGnP*C0%^)6
zG5WF2f%@|vWrlLOBT`IH$;e}LaM-f!n4e<Grnf)Q_N%>8rg*(kh-0OpmDFx+F=m_`
z9Y;l+p$%;j5BC(W1EwIr@HKx`uaA(xDzZC%D|?}$TV!z3<jz%1#mHLju%Cu_2O6m;
zOpE{~)*Z6a@^eQcnDX{^FHD3n*$qn1U@M=^MF#>y&|2I4K04Xf_=_ZEDdBpQYy92-
zAh!DFCuBDG%)q{o>ZqBHsIbi*o+t7<e?JE-JAbfuqUWLOg4HuXVRAM+2;l(}4AcT|
z;kTz&I*23jI)!@nB}!VQjI=BQBBHc&M5MsJi8`$9{;^!py+HFAK_Xt^`<vVf0qCPc
z^{ZxekG6zscn(aBRXQ)+&d8{igY#o$HJjoxzI-vY0AC|hQ+ad6SAEXhhdu~L5kt2$
zJH&3DV^$a7qMaguTJL*H`=U%W2Mzs>0HXas`J!{F<`TSu`-cJt6sx9pT=AWL3%Bfh
zY0`m7^^E7YvF0|hM&%A*#ftjTasQ{wua1DT;^l9XJ5XE{7qRv{EOlLuq$M(t99lIm
zP{4A~4qfick@e>nlw^t({6ukdCkIgd>YxOE$e65=btYp#QGUXt7z>!+3=a+FSd3*!
z5}B}wqb?{zWfVsTgIgtXJ1+GXDH(Ycs%xi^a%wAbhCFJl{raY90oVkRq&p(mryp;F
zPsXAJ=P8luvxqeWN9$>E4<TTTqKUXk;NCitqDtmD^41`Fc`Ix4v&$A|Af>{<5{WID
z!YoH~Kksh<(OX<0z-9_=3*c30NatXSP0_gJE(Zg<uk<A<hA@c!c0SE1fqnxGCU%y{
z@dva!w86XZO&8x3*JL{{-2KkfMBVT1DLml0F&>m+FJ!J>_l3j!RuGv-z&y?%X2ka#
z+yM{uqU&3zQ{JPuf>Y6-S5$Q688-I>1bG&;&AlXm^@8E;%5vkNY0U1A+!nh<Jo<&Y
z+B#)kFUSC{bhQ(V_qr<T`V@C+NC`jFd^ZedA<}qViHQzFsI;T8w7)e^u#q;Oy2#%2
zm5d;n0@jnU^Pv|kvv@6UB)~SOEP=eL@xJgIz9Ck}R1odh703Z>@0{`?d?_-q_ED<W
z$In0jo-~vi{XA2C27T{`^xZ-8i<oaNPcWRpG_>u7B%@Pbz{+($X`hY*zY<b2Cmlrv
z)VUS#Cn&AOXjRyHHZ2^^ezk!W6yWA&XyGZYZ|~?Rr*7xLa`z*i;8i(AIF730^?QMs
z0Ob6-LD~&qrB8OrNKUL&mC{oc%3!1~$X=TOh=@j!=^+J?Sen>)xIBH`0bfS&5DN2k
zk3}LZhiCpko(GC~g>CoC%ev<Vsl1Afo3O$issX>)arjE7FAamyIN5T0P-wXuxW&O2
z_4?eLnCGm-@5DYd!-qllaX)R;*U*l}Ne}Rd(JPt4?ms(xRHVilt>>=~UG-*jy{Q}l
zh6(npqdS2jEc}{}bRXML^}AJeGwRs0Nes>0)G|4h%DwMSy8WsYmTF!x8_`kfP91FI
z6_k$~LiSpEL2ZrAPgoveysxLcEpOWaLF=jqqs9al1Ab#GBL>;IT7iuT)I733kZNSK
zW4K)C%R^5*c2lL<wMQ$-tw~BNz?7i?Pp2M4<vIz)+T$|6t_10)$#@SNm1-=ZrkWBh
zp9UpPfgQoKF@cS9TRt&L##886<<VAo`Hc;Wa0y~i#?>bA%xi8B2-+~+kn)HQJT4Yg
zy(PnUhw)j*b6QTq6k`(;N#+F_bE=??krV6$YC~r2lfle%hqAY3{NA2lzagLi;!2fy
zF1q+M_JiAyn4+_<PgoyjK+n^#b#P43oWzXfS-XS_@!)J!!laCUg1d>^gVgl(a=eLo
zS%1N9lNszp-<+bf;as53Cwl#Us9QQaqM$M88t>e@s~%T&m-a#LJX;sd@?u8)y!evU
zm(?5NRB0wuob19%6XkmNT_;Ev5M(b=HjgP;AK!2!d$TIuj5UcIK8jA2ovPczo0>yq
zYRveZ+qm<)Em2DRp%bkd36ja)5UtT{mtzeGz5lk@)?^KoI%!>Mx(*^_Ujd`(MWqee
zF~)h!Q>yUhLtdZEfS6g^S;DXrT4xe7K2n5X__YZ}M}6-pyKF)7&62q$z@?k*G|xZ3
zY}KTq@>lH<$c>OImwGUc%t?*1S6xSrO);N;m#%kAD5R=0z<M86$e=9RfL!8hl3Om1
zc`sfshIug>f)b<*?GfsLAzY8c&3wme5A1Wd*e`4{ye=V<@EP6as2+uVoGx-y8T&h=
z=DkNkt8VU3LeX&4)siI}0CenPLEYTJ%TXFEs8g437BtBuL`CJhYK|5>PwM^<mz`M?
zU1YXBOqDXW;8=<}Dn2P8{S5gGN0E(dD^1l{Qxb$nh-NZhOwWg2^<A}or2D)?s*7aL
zX)bhPiPT=XVU>$d;kEhrAkN4L1gNWE?hPQ@ieg=d4OjI~wXnKh032~rxOP9cBTrY3
zop)N&^4DSy;GjLm3GVBC5U#FTpXxPsIoeni?mj~6ocFiI@exnC;03%Q48Q-f@g{B)
z7j)}>p!nI<>pT8M=hQw*{EGqUw~EEp>TmY^8%WYzrh6ldpHM01WVgfTw|BO0%Mrne
zZoc*PWuN$l<?7ZRcLF?=_t>1Qf_rVaY*4aF!{YAsx|fKXToncqYy;X9yIAj_+@eIM
z%zEnQ6|I<31(^)M<XxJJSh%GVbLi-Gv>#hwrgN`)qkn=6sR{1Rj#<8?cr%9}6Uxkd
zx66LI?KkB@6vD=<(Fda}#621|wI{=7yZ!bY&*fg#bs?(6qz#B@Yn<bSW$S_&eITLd
zlugIXB_Klvzj^Y1z8r?%Ppvo}#=PT^MbGQy>H(|9R2YM};fKzi>Cay6mF(Ak<C{my
z_Uz5}&a?>)=z29lfZHP_{mycQGA+=x1524uK9(M4F|$1`g)xm!v2MtQ%(LrwmmlK0
z6E6jEf4#7Jp9L7F;iLQ_LylBQ<iwpT!hrqFDDZ(fB0{O&HA0^Lwt1Q!_LkWwnBZ;n
z{W8qTd!$wox;^$mR(wXT^sKj#`z3DenK3~2CjIifuWm01CP78tq`7F)Wc~zR{L7C}
zF#g$249tqg!k;4DBEy?gqCF}v2EY||{@ko~gwhTFZ=3)wIe69}!J6&<Bk8@<%NOL+
z>9jb%{XSd%4FHqQ1Lu0I!3b>*(giGnf=q09MT$!%-1mJr1P~mM=^89t>`;wC;sz70
z$6$DcpHD4wf)va*c_+UwJwfE5j*@Fyd$ZQD6?0iI)RY-Co!M(x-}L9@_kAx}AF6L0
z2lq#4r?Ua>p}zzv13(qpHZ9=ax5^JXYWm}Pj~-zA#zA_}o_0HD0u?A!pPOh{AadK-
zKj^{BHtoKHY(dnT*2He3_ww?%T>H79H5J)S>5e}B2E|5-kw09?uLI}@e|4oTgX!Lg
z%xtgUPwH7RvRn}C)igP1>MwN7>Wv%dF5JK}gM0^Ic?ns$mto}aR54#^hC3VvPEx*{
z!rp#jvbxn@MN#gkK0e*d0CeZkEa{czCxemqRkZ#JgJ>W5#I5AnFBG0~2kfYM$qD>D
z|F(6on}@1Ob39;sRa`Y#-H@_!^UPkQ(<|67C`W)^g`ifO-};jYM+=H;fSl_tjA(cD
zy;TYjo>fus7Wtb0u_5eb@+aooX(>#95yRndLk%Gp$X|0cW%0#%o!L)fkSUK|toIkb
zsLUcN+r8^E>cL;sGli$&^N0kGL3)$hqK3PGR!MixEWWzQeWQ%hLZ{=J{_2$A5Af1G
z3lp?RSRWPRO6g8RT$fIIo2l;7`An;EYa9!>%~~Ti{DrJ*F%Xoq;~-(N>KBJ1ChuUX
zj9;MO;R2a0jR$2e1Q0hLy==FW0)Ie5L}m<do|RM52Ls%2oo|XLO3j{P(gym4Nq!x2
z<oX4>CG~sNr|bCKTlWE8dvsepXTHE&Xs|iy+*x{aWWt+6r`s>dcUiE^u3hbm4iy^!
zksxOAr=Klt@p@uT+o#viA{M3I5D6Ws-P3a^I?<b8yJ-2rYY9WYUM6r3t#MZ&tGVo=
zbmDRw@U@=cu(QDC<>1aKnnpUAXdQ#<Ow}Hu!soD41F1Js;{-m3Yp8n)mP`8=(#?J_
zFd`=Qd#=k&N?i)1o{1Scn9bTL?mTorfel(sNR0vinI{Ml9Kh>Cc0wUH=~I3|8H`ra
zVzbPrqgNft6I&sG-<I$GT2Pb*1A1Y#g`h$|m&&^cDQF>+u?_XRnS^|kAAihc`F11u
zmh3iF!sjFPhMA7r@wpF(4|z!3_XV>DXv9|Kr}bo4P8(jDg%g)n%eIh-ATcQbtrrrw
z9bRwy9*m$Lh7<I&NgIm5fdK^jT1Hjn_$HAd?Q70xO^l;u$(o{)P4VLA;aEiq1;h)5
z_SYRH-)-ruh@OtG4(JG`2qVo!>asFO-|O6aTnlPWs;<rL4zV5~r3(kdm>nC27Q2^q
zg)h2yt2ID<jdx~in6x~M0=b|7$hNWr&qtweD={nF(a>Gv3Vazg;h^Ot%|cdw_rXIL
z!QL~gP2jvU67a`fG&0&kn03}PjXelus>IMid2@chpRWA}JXg|?9l!xEKRQrPz0xhx
z`g12wk;&$!uU@<K>Ikdzv;2qxtaB19p4kN^NWUVzd@a~>W5y<OByr9Jz`HZ$Ugk4u
zfkt~7E8S}Z(gEq{WwQep1cJo~ismf?kSs!ueQcGi6}}uWqZWyT-T8ao1a{*umzbti
z7>g-2Qy-WJjgDhRkOoO36Kz{^IZODwcq~C)f@~xpJmn(cIn)X>s><(dk8vS5t>q59
z)V4=IuR;lssXdct`k>a^*b$R~Izdh1Z=KzrAn|0nK(?MQ<oF<q$M-&>vvE_=Qx3^*
zfM5$jOZ64svcXC4zc7BW9oaIQpX1lrx_v@o5KvjPXpO9#(3v8%$+gR(VKnZF`f7;#
z{dHg$yE8_mgl{7EH=6JZaSOghEbwX?9q3t3^{<0$U}-tcM-|C@xez$>2aUh}fCSJc
z5)G)ejRo|p*hb_0TO06S=f&KA&WqVOxViuPyjTlbRduC9;L{ZMs0Cd#H0U%zp#(Vx
zoiI5nY@Sg*wLA(U7+yIILiZ;Un|PMN*-Avv;c&uiC4_z=q1sIdd84lSq13&7L9NWp
z`#XfOXsvel?%QRjc0;q&UZ3~-*LMjqT%>$4GE{49hV^=O2SC`tVfp}90+V0(WsWd`
z8`j&4afxO;QmIo|)T{$I+eV!qU+<Wd13n_Qq{u1NgyLuIog)?IY2TRA$D3cQrvt6S
z=c^t2*JH5G^aoS9b<}PHeVpj0;GbITU^AIQUQjS`(0b_EnCRv$t&b?Qh9E{S>n>p#
ztSPHtH^|_x)&W;{r5)(+0Cz=<{Y%TVRNDuhPTQ?JS$Dc9O`=~UI;fautu$r}$C`lA
zHjq-G!)XQ`0fR<Y+jyNi?{LYZz>uga3c$;_QD%B0$G4X7TvkrU9E&%}6m%*pvVA%F
z0tzLDBuw^nr(%H;fxHq$>+<p>eD)Zp(kW`>W6=rV?~m_`a@<9piP#KjPnEkxx`{At
zndy=gC9Fj!E2Mp)>bwIb+VaOmn&VGa?55J(%J5W_6TvLSQ)P}xX?P0VlG5e(<*18N
z6QOwGF(u0?5=p^pLNWOq$^@ozF~wqwaESsF@rg<#6GQ_DjyO&uhB^Jr;Qh0Mb+R_}
zcKQ5A7l5?=DMUAc%rQ6QW*o0$!c2FsP;LZTyt~88ogdr1y!(2OoxO3I%mrRWCMH8;
zf)c|qPrf(vbG0$2F_GkEi4fzzn5WWSjlH;$&ttDFb|sCcN9=GrSN71+4S*0p8enA!
zynLm6ZW=wOHIX@cjnPKs75?ab?E4oFW)Y77Re)hdU=U409gey)jSY?d7s=wH;Zf=Z
zE6=(-YgvqBOlmk>VzFJ<K#}NIOD!2MUEPQSYjC{vyT^#ZXZNI{rAsEg*1;SB=n^9-
z4M(o5H%z3+eV6x;?TTm~;nVU^<y%c@Mjslwohl108g4b`@;y87^W}{K{=^L<krkR|
zNr1%FTfDGAM|bNBnw9Vpu4}z_fh^e^2Uck)YsW2FM~R7{FV1Pf1^rnTeew-YK7Bor
zwN^D`V6F^Aw?i~IZ#YJ(g?x=%!lZ|dkS=cBE>jHU4>b>#Dl|?@dJ@_K4?eL&8(73U
zF0|T_@}CghDA7wHeL<n=JCKcasUF!mk^nDSG-xBVDlmm)R0Ng5udXz(llDw<!=5L_
z1;Dq%?DJ6#&TPGnK3NFY-K|gN(>;1lt`!)mM>YbomGzX+IZScCI(81vk2@?;<0yYx
zAq9SAS%}DB!86txx2IQX?$?>t<@ZUI9Y4FGdC(&7$Pay2!tYBRP)5p>=NLufI|i(j
z8zPMKc7c7u;eKRKxy04qs71CZk$+$Hn!u>+Wc2fLxWL>do=w6-Ws5&U&W{Jzp+a4m
zUn(BP#2k;bkXM8zU69&^<pNO%2Du98MfRpgly!{2u}_;g%3_=qHl(R$*OF3=;8}zc
zDN`JHByz3R3n7SKa5Kn_>G>*~fDW)8-nlXimIMQw{oYzQEP}pER?S0ep=;(MrFYiw
z>R8;IGaq#tG8%ayuk*nMzX1{p-#o;&S_iN(O5~^qtjdHW>hcGd%hSe2$;w7755d){
z_CM1csoJXJss&Q_U&<y{nO~CjUt;hh001qFlbI=e3++2!R;Zz!7(99K$pF6=tk+t%
zMd)z4J)j0XB5)CM-!S4H7byqEWofRUPDD2<d1dJj80vH1ekA4)_jEd6=XN1=RpDue
z-;d#_qdzC%Jr@+MVi*|i^z2adL_XJ%qZdn+FLIGWg2%Hy=x=LZ$(UV6Ygn}va(EQ~
z9Jo<z$%fj^GU#W*rl>!YLjuTUK!mPxg$=K};#%b``TAw;Kr0`V7Hn}tuKG6{H&FVr
zO_IgE(xy!>&Mc9B7V)ivfPtF^JF=)&8vYQ0G4}-F_>{+QlW+cesAoSKX~oyitC{3c
zToXB^>6<;cPyIIIk-9Azw*6;Lw}7lYh+bJq^3vha)S~6zdTr~0FDZbGS%ctB?F=df
z1`3$w5D;ynE3mSI4)k3sMYXjYn8$CM-{FQ*Xp=FAaU;{5{B*kIPy_kqp3bhZPM)cc
z@6kii9(o;FWD+VI3lHqGx*l49C$3b0b!n;j1PG2Z=+{H`%Tg<A#E4VzRd2^C6Lue%
z3kOW<35YXD^)(<Z+dV)gL$rsB7+^`zb$vGcOg|SEWc`@eF)cGX;5nS$-Y~CeD#J}<
z9G7F?=6SNwA`kJq{&&-F&@sTY)ChXvF1m^edc(N%bBi67D>3Kr$U12m&7L9MHp+V4
zH8Jlx>z(PT>}sa!2N0m@{+K=`iU5g_I1k+#bJ1!-B@ag8gNiFo<>>L}+zix26AzJG
zeUjTcYQsX5>QAxBXQq_i@w~g&)Gtj$+&%>bg!~eEneaYNh1-k9i0|Mknfe6ysVR8m
zo5MCXF14ESEnfygHKPT0&T#m!#en_CPx})o*5D(26u22ePP-C2AfX*rBcYRN!m=H8
ziTX~ao0F{A$!Y-G`A?>p#bsIavPu+YX8R^Z(%>eOKQ~c2jTZV@`KU<3%T<sRS9F9t
zG!SKe))NYYBHhgai(q-)Um<((__=Xwc1Ji)Ba(N%myAXYx~gd`9F{UhdQm<JU6SzW
z->2$@tf3DXlY<Vh?1u3iCk+L|h8B^LsX%vsD<&^pZtDbu))E||uZs9|GKJuNu5a|<
zv~``^#V;Rvqj_>tc;@E6+E4)VGEhXR`_Q12HK$Lzef-MG&$c};>YuKD%{CIblg_LO
z8~XE;*XY#jl?A2zVx>-&+%9sS&ddHb<5OU$!V|)9kU5-nG;zYG$>w04begzDn%T@H
z%3o>^4<b?k%+A>;hhsP{27%WU6hsEP(q8gXKXJiOJ%vjKM?kRJWkMuXBdXFQ2b%Fh
zeInt2?(T{g^Os8~NZ-k~mz%z1X=c0mp{eX&RO#}nB}rJP-=-Op{j^+lw}MyCTV@fv
zKJDuE7~ew$8ty)RbM}<ZxMhz!)H`!MWCS)mPdF3<8qGfxyLcYhTU=fKpTfR6DylB(
zTS}!vS_x^9m}F*1NeOABTSB@!t|FbnfHX*#5`uJtgdiv(ErJLlAtfE(;Je=Ed4zYZ
z@BA}&?YsBcarVCV%)RIQZq2Fh8(wIWjxtWL6~5(7kG-y#tZoAb6Q*G%SNd;qQ*Fif
zMprejV_Tvj-el#TNu{SLkM)Beb&?Ig`ypYhcy@CV&&Gfx@sq>8Ca%~$<TaNz{j@Tg
z&D-_&;$*BT^EVw|%CY9Pn39DY!1~`UdeWUrrIi9>vdKT!T?$MnlG>$)GQEGk27P)x
zF4xlgv1XEJd1NB0aC=ZHo!w9n&q-)1QE_L&X9GP}W7SL7T^(T}^38amWDG<vliJdm
z<JlXQ*Ml;9Mo9Siei$=9IMd!vBt0=L#YFKiQ)q7o?uFNTpQR|Q!25f8F5%*^s2HIE
z2+s%@mmS+tz?sXYt4&*W;1A?+){wkibE}23D`zJ=vru7OmwqdV$Em_lGvo)KpyIdW
z+8cwxN}Kp1kD>Kcc{{1qF`>PFQQ8Elc+uMqJB6;djeQ4wuUfI!E>)ULN3D$VE*(6B
ze}5>&C$Anax12m-Wi{m1tQ6}W>NlHz^xL5Z@b(8>Sse{-XVUO0^E2gIg#~Hu4~6j&
zSBD}-0<iFh5XSGG;x$t4`Bg`LV&9fDpbBb|jzd2dW)N$G&V_lt;bRUY>-bUQP8y&-
zUWhe9SV58#cw>*kB6_3>_bf$*l-uzp8@QHu_6ES=D0ah2waYqT<Ypqokz_q=wo4-f
zpf85O0Zp!tEb^Q)p3tVO;kr*5QVt7MMYz9m3>BY}izKEt3(9e|EyAHcQV>x&b9&h9
zsaB1-I?wV+6Q}()j|XNlbDybr7hP3!NOj=hqNim@5*@LU*2?6K8YF;J_|FfXhJ=m}
zIaVuw{zcla)#llb{{6MLH<{&X*Mk#$Ak_p-YBBFofgdV*<rI&|=13w3pwpS4TUI+$
z5lV)p1X3F*`VJHm-DR3-++g(%$NbOLu6VY#Z}rx=G@aSr*^@xkj0A|Jc}jb;<0#jY
zxR=KSkFfl9lCdFF?#c<J`o4&*#nX`IqgSaxxLr?|)rVe%?<0~~JBqHGEsQ)10B&C^
z`OR(PCggW0HJrdo+%P1RD~&qfBCVi$Kfg8PDm`y6TKiZhOU%?#sCH_@KH@Mzy8{;E
zxMwRuwKk;Ao{A-3sV?p;W=dj%FA$EyN<YrzaJHk|r>EWdEfP?8?oeY(W`4aF6jtXm
z;WGN(e4TK=rJod6aqkem&|H4&6o{A_pR0@cD8eZC=qktA84M?QD^AZSXZuLm(5xb~
z*Tc!6QZVt|tHslC&$TF`6XbSpj=^ksTyMaHjtr!tI@8Epc&_2M=bXj54k;bW>KZT4
zY7d#y_Tt`gDqY$Y-4*lXuD+JmI{qVmoPFaxY@MCcX9=T0c*H)tG{Dp7Y=Hg)Eu&=D
zh9e~SXyt>g!`h^rnC@p(hnIR)h_YC}T#Hma$7`&RDwBavfd{)w-A&Ei+Y@E3J~f{{
z8{e9&&;RYzK}S{pepmMk3)JDunPM(;_wxtM>dEURhBgM&K7+S9M@g9l0<zcLCg;|g
zgQ=*OaU+bYZw`JI+E#9A9LNXQ%PND)>hiRwPx99&oaLtAxeNnUF$rlDw}NyB&dMF$
z>BcF%w?3GTf}e)49LP+>F03zP#HU1x;2+K3l~4sW^tbhyei?!$Li14Y<#5kV>)H^`
zWDfb?!7ty__TD*rWc0o?>Y3{7??#RLX*;tWAsQilG>L*#4vF_Qq~bY&HEH72glKhA
zdk<S(J?0NlnncxGWyvZ26#mdg3b#-7rwShRU2bgw@eecU(3Q>|GK#DsGG&OR9|aR4
zA`{9wZR9nOXS%#z#5yXlAO2z{vF<$*#FcU^OocG?+$t3Ys-PlU%}}2|D9cZ8Lq+EE
zFV*xNLG7Ib#bKLhkCkkoL~B=ufgWot*OHfKDVhQMuI)jh<qL6<otz4O&*vtObNAy7
zi;?LFX*L@vDt6O-mvEAtILi~eR+}beL()cmTdlB+y<tbjPdit=%ge75lbV(h&gO_Y
zYj4Kpb^PvDs~yX`|9P>#kM#M&qyu}#@>c&d1`v)^rpWmHv;H|eV2AnsQ*onR;7Mln
zAeCCrqWrhJFk5QM`4jJ`CmC)cF!y!6m_)*rcSb9(lS=iRj9=b3Q#aSR9&E^+RB%w>
z74H)=(%J1zN^d}1D-`)+$NCk^u<P5!<S6ZjszrVuJ!wgt>%Skj9ZH7U36mY8Vp{xP
zq8mYLiNwD@gxZOc)dLCLBBZoUob@6*d2UN-0zq8|`wFZ|SH})-YYwf%w9iXo!{_7F
zSs!O`CKB973b*ic3SmJ1%#-7S>tDSpFE3UhAPi)2@|aDEaU-*NBAH^(Esl4v#2h@r
zk+(bCC}7Xx>3ut?6}~R-^37_bP1L~Ca<VE&fk!{pw+vT~y#+wxUaKz?fC9&xzs^qf
z+xqTet=*;1i=%OQ`TXd9$Pz&}T(r8{W|Gfn1v&dc!M`mkIEK$_d`hU);5h8tyNptW
zHIIW+y{3mBA8bK2iFucZ0`Kj|_9;qRaS@{4356USjO#d*i&t=&cvy>Di)-3nHO0)?
zC|LF82MijT_jUlh)7^v@hPXV0)h|HUF-i5~6cHS=mB-88-86`3S&uLCEGO#o6!VhR
zS7jV-OBPLipCaYgU$67)vYf|yjRkM_fwMe*rkZBt`1syE^&TffIVJ~dVQ<*}OQuY0
z%P*(L#wEKhZ(K-f#g#ui0u7Cy=FmS57{HMlpvf0R-PWT7RGR9*7Dm%;BPG2?oC)Tm
z?4z6sGGt#o+&1+dw-ndG)l&?@R4l|TP6uY_bOj<7X`qwWnCjlhqztZx2{ZY@Qr`u8
zD>Dc8+kAgZ;>wgBX@y@*SoVdlhSx<^hNd%K>JED4BjfII(2X%6zQAiV@*drkYrY+}
zMpj?2<|&4U016Mej-S<cu?fc2>kFvoBS5j8txOiqyGVXcg^1*&t-us#FB7{k%Kj|P
z#_PqW2F!wUWSrXHIs*)XP<TBW(F=G7(q0XUTU##Ms-kLU)OnQiiC;~z%UY#%v{eEr
z^SQ)00WJRld-MY@Z*f66cMJC}KH?{Ba=&q~9O1%W0a@~0tp}MA`OV*|Somtc?$wF&
zt(@hzZ1q|cxPbK7iL}D}HTQ~5D6?`<pjaXKAF_rI->AnnriRcjCj0I2^y`}92up@9
zfqP0PH$%tB2i3_F$$fs=Z{HrO<uo(1ur%MAVhvDhj3p%~p7v+kk@6Kf496q98p#Ko
zElei=2JYsa_U9V74?M=QnOfeJE$aDj7o7o(92}4;3Uwp274(}suE@}jGEljv{~q)H
zp`)PD+_QaFT!qG@Kkg(3)JMFfHXBv5OSlQpI^(^o^D2D8tEkDr@vHyA_?>s8XK&f=
zrkg>BVMT0tuW}1tHp&+B3Yst#A?2qOuNQ3)CIhlGIMQ887T{&blKclc;a`mTPp}Rd
zRY1z&OlLh=eGkXzl|}{N4;dw27v3oqs5Oxsm0#!?uzaq*8eUGU+9vLV)sq=`xA@Mg
z#;TjET&l{NLe2B8to)z#UB`zrTM`<*FA6BT>kki+a+{`C?Gkze-sDsc52@Y?*UB9;
zLs$Z1y&pAS_%69l7UYD(iW8QDVjJ>q<AL86hT**_fY*t>s?Mr5Beh-wtjOE2qOu79
z$MFv+4pvqic8W5z!dCdU^L8HSu&|b&Ds}nJGVcs7e4{6uBA#tPU?Itgd%b<R&&YrK
zN~E!;B97c~WgTe&vOf3-S3bvsEhw8-AQ^D9E@~`fG18sb9IdbkJ?S2W-xZ6P0o#zY
zY@ji_F9h@QQjymeN!{G2i?ejb??=xjc4mF0)sfX)DBU5V?B?K7FA-F#F^IDk7Shm~
zP18b`JkOEWh~<bGAbgJ=&9R6YOZ1)6f26K<V}60|cSCNJ&M0Jv){5na5yb=<6*Z7>
z>*?_X0$+e)wW_Sw;3F>JsCuVpa}wJ-1A`+vQSM%?wEfxpA;WHLK9$Adnv|`Yyu6yP
zm6`%i8HpG=SAwT;`#5!M%$J|vZh^fik)9;I?(yykr;+mRMmXv3M42v*t}HWwFkErN
z+J^FblSAIG-k@>kvddf?ZDqBIm|_94bh;;1*RQKEa5^ala_UpOe;<yP#_gRq=VCNp
z@~$owNoFRM$jn*8&phg58M>ibysIK@;$NZfy%iwQOp{=fk@Tq4dxRa4W8qp}{N2;d
zP8DD6vCL}c)2qq1X+XIBM9D9}kIE2SgCEauXog>k3EUjacG91vt+<Bcqj8G_$TPw5
z<>V_ka$7DYuprk^)RY9vB_}$*ct&YJ6BIKiDA<h5Yb<9jE7$OTQ~I`+s)BUNfVZGj
zU-Z#y%NcwoQN_|ITT^*?Qwg1R6S^`2LCma1%6$RNbPv1gcMj&Oj46!YM3@6V(DSmH
zIxB6D5oqIo*H;3oy~G~T`846!2&^s6sMn}caS!qh@C@`1-jTA^sd!W6?~=Foo=V7f
z#w&GHkB6M`{k*cz=5^Z5?IuIAlQ*><T?C2uLU@N*^h%o_>gZ^Ga@~*kN!@Aa;89iK
z>`_&-X?0|m+VzBdldAnbm9f6_%XrO}9C~*Nu<t(p!G_13p8%GFzCt}_w-b8j0~xxm
zjq88+Q7yHx;vm3KG;zBMmH_4vwhERe`gOZFIr7hz!hauLBhhE=n3s(L|9y0=Wu>B_
zMeR>~Qu><W(W>w&NxsoFxOHbFM>K~nIT3g5?a)w}N7w=3Z-NwGwgm@UEE8UDDre=g
z4-0Q_YP<jJYE&2b^f!nu`a?g`Ne;4<$M@*Nntl0{2De!LzNEo`$ghSa-&qe53Yni>
zvTSi}r}#jT9Qc#mH)^S_F5ftMJE5DL-g2EL_VXp{bY^W1Os9)o;oPM8ost0}(-k4E
z!{y>pl3xcDKJKtA5Lx6>^e%WYjYN~^(TZBEYBQY$c1GqVjoPS<I7DTFR2h=9)=wh5
zWn7*6e|r92*-5PWF&@}i`(r=;Wm0X=h}rMsz<pf6&9TtiU0%wz|NRnaI{sOUGKeTA
zTzNw|EjB(aPEd%K1@g$;LSv`+>!=NN*DC{>2BiJ14j$uxWby~sp>g=;)L@f-(?w#A
zG_TA}OHpGBP+wAVKM%)~<W^irWpYh2s$buN5t^CYj|+ZAoAEg|7W3r!p<LvGPYtMM
zcs&mox;<oSg%C;;36OaibyDkJa%6y3Okh|qTXkRrS-0+DDPKJ#78WHFw(vYYZtt6a
zCO(hD(`q2j@^fk?ODV0tDIyNBU}l!Qjo1|W$TRdoCVRp5NSu|FpsKFAI7?HjA|pn|
z?m4i1xI5{hJrQtohnVi|MAw5x#udj{aV90eHQaOR-Hz>%^i{j%h9p^j>K7^U55{v>
zNrVpVKfaHYc6mq{D)S^HU_q;7eDEh<Gxxwk4{bKfEmfb{9UT1q){+fK<L-)&R#^NP
z@7(Dpy2H{G5G%friFh{yeXDT5X`@I?60fX(mYjV=g8oQbdA=9&%HS!RtJnBejHTUm
z;C)gy*L&{I#!-=;n3WfXwXWutM_!}R7HB-JK5jP-J9}}}3?(WgpsIG|Mbu`?@voGj
zlsCG~)g^RfnDvp*61q1kUM-rb8>;j0@kDF>C~?d8j>xOfA0@KSvxwZ3F;5t%x(!8m
z_&r^-GmE}bhVLk&%}zuv=5Uj{1@pC<ae!4--pDS7wS9;3je;F#b++C7?MUj^&giDc
z-&F7BuH##sED&h6U;o;QV>tIcy!#YjT_2_?;7KZp<9|BQP}@+@;deiVwjiTcrS=rF
zImmHoje(l=aY#&6-7~4L^M}p%rs6_dZ*-73PT_Tw2vUBJ%2TX0yn5p2KwcEiCddlZ
z<d}<)PfLOW@TlI*&rIlz*@u-xx8HSAa&oWG{8lDQU%H#D!r?+ztQSfd-1B<lNpmdG
zPoD*j)9iFrK)gt2vY$u6ABS{CKxTAok$%`~J|tR#@~+m|jfIfZ7*F_oN@Ex0BSW1E
z{Jx(yHb498fA;J8`$^V=$wR(vu>INt%y!+&tO5%ph~5UjRDX#Q(GdNWIFlysz||@J
z=9YKCfT<O?R>BVYmtoCO?P3~@r|8c^cbnblDnZdKE5(N@K}>eqDR*Y#4MJ?pLz=DY
zn)fPw*EkYTEw|I%5lXQ}dC)N}-4uahYyQbpz5IC69LveoH2o+;_Sq)hxo;^TfS<+B
z=Bb0co7y9R7WgBd(*)lV{}O)}cR!_vg5P!bt75v2g4d^wG}R1EH4@_IAo|=T{cxK*
z_lF2H{7Ajnh@OUh&f4<(C}A^3w7yIFLQNpqXCnTAwtK!hnnsnYf^vy|%P|^KEAsOf
zw^uop(Q7-q$%pDzS-&dgMrh~=oPmd1ensT|$ytUGpKT}f#8ovm3R>IS1w&xl+(VvP
zWYz>Ms%gt!-Fyf1>7Vka^|IshPJHuMBDf-rHJka_9F^K_%X&KPt_i%LwVEgV*cR<t
zeS%ATmv@NXnM>xD5km{ANxTy7z%Lpz2+wp#K;5C|N<nQnW3y=KFT9k>@djA5=f69<
zzN6MPDyR(Ne$E?1+=%PHfr}GVKg*7exuL|#V#7uJwuh#EVn8h1YGE(i!6)}s4m0)x
z3gaiBg`0P$3m*1TaC(Zm(`K!Gb{@gv_-SdOpLGmb*vS1+u{>d;p>uew|0==iL;d?L
zHGRX9`cGA_eMw)W3q5ZvzCuF}gzvA`DOj8KX&JNADbcoo8ynfm?Y=ja4t%gnypv}=
z;H>^kLjAbHc5ae4q`7{IV2Cw@z?IjRDYpTeDA&+A6k8X&p)+K9#eIVw-8`lc&R{t2
zxh1LL5tYD1JUL7~_8qTdj!Nap-i?;NvJV82#5z44jVIG%>4bh^ol~i@z!&`GTKsh}
zv8$azuM~K4;U^<KQ5@Vah}<oLY^(Bu1vMDm3PHG1JZ8Ln-(6i~{G(;Dmwj&vP7E4g
zKSy^xEOfvg51h_yE>;lccGmB=WE#2lh>lJ<UP`IU(}?)Wh+9!b9$KtCuNiAhwL`#W
zn;^msRs8b1i(3Api9nUP&p<`+=b38<9iO2>d~=ff_w3PKabsz+?;3Tp%7%1oHJemN
z_YKO_`?`nOZo*J?Rzbz0XK|r4wqJf5#S3()7<08s%QqxwO!8@Fm@W7D&^oj3v1%@S
zT+H+~$kNKy7(glLs0B%R)V7JvmS5X3zYq9??b?_bwWK_5(R@ByG6?X_EGtiZRixap
z+%H@i&eRvI*<RH#%*a5czr9h~JfOL39vT_cFrBU*k-xE(ZtWnSDVMcY({|F!YV31u
zSqdu{KQ42!6Dy#>ld&E3t$B#vdQD8RNh-H9gxZB{E^H^7-}9JAQkk);LCT~;RO`3N
zbkztm&vx?myC!GMi)NrR;sh^RSem!ym)r4^mNpt{>gKcl@8WV{x5L#)7KQM{7hk@2
z?{hL4^LjNMA$He#5K3q3&RJ4cR9f>RY7!z^&C*I6G}}2$ZF5|e72c~fGgGY`>NJ4!
z!?~2ClLpni%Kzj=_2bM@1`6gV98|XN`W`C?funS=!8SYUZJQ6wW#f*2tm(*|63$65
zEa=syeacr=s=tZ=JMx@0c%3}2UJZU6*sZ_1Y(8bF3h`FuZk7#>Zia1}jL}RfrO%^B
z>+zrxiwWFe{p(6P7R3_xei*j#dswgcEadzOGhCIk43l9!pxFAty&miqHd_c5Wi1HI
zY&`veS<<xScSH;1g-i7p3|5|Iy~&*I^<F_+%=Qu}F?Q5WzM39BE;45l4ZTSqkT?9{
zfh3|*LekLbl%hUax;|cVj>mzLg1M|;&D6=(0xc=3&%`)g66%QcSylFEnIx9zs@^;P
z&Q$^j&Ku^I`dSU<Uz6*BiLA4#G*m=cZz*1ezn--G>8qQ-a9Rz{^8^b~k`-;*sAl0h
z=VjZ>uXDakqs=&)EJ{^Y&f$G-Md^HIjeQS1f3_zg$cZTUouR4}3@I}|l2a$pR(BjY
z_qgCL)UT5i-1gq|8Fps<3jgJX@IB)P%ZiiKQ690;S_w>DUzZpRW5&U*z2S3DoTDO{
zZ$DVDO^SI7pbl)~q3vgMi{x$47Eb>}6^cu7Ft!ozw!Duo#n!Ut+}+BPf1)k3EdIsG
zabS_{>*Dn@boh8dZjvN;%q!!*qcp5iNTsr)>rMvZFb=+D5PIu}j_5;uC50s-+Le*T
z>MyZJ@hnya{h`@w$y-NfO!NBBk*CBz3^)W^J+u9O0WU<f>)wLdn?G7q`d(Q!b@-Ge
z@oXyt&uw*LIv`<mTulRW4}n_~-E^$T`uH+an(wYX>hq2J8#Lv~B&LK6opvR=ywUmz
z&8BtSE3&4;-AID6QK_;w2h<uW<(h?GZ5!S)$PKOx43G|ugaNN{28$U+WoeBWJUbWW
z+CXPGuW@j(3M)51gke!2|G-83XL<}i#}8;76egoU{(-Id&nd|HDT%M<R9MK$!r!de
zxNt$t4&lK)$p0MR?YFX-qfllRP&kSgWMK~G1%oY2ctM!P`$)jV1PZZu1ck%Q&?bAB
z7c&R#SU7Nu_~%2WKfn8j2n@~v=;)?63<^bHP%+LMvpqAxp92I60>Mn=|DwU55HJS)
z;BOijgjv86dBg@l;SdZ+$KNMmsB`Fpzi4m}=sW~}(O?KD=%OqF0)kyKKmY-{Xn+6$
z`NvQI)8jwZ!vvtvi^2jhfpe&izZJs~AWYEzqQQ~SbNrRRXfP=3vN2!?=s$et`Y{a?
z?~9&*5K!<%8VrU2V<1b;+rLI5ke4F^g@Z2|2m?c57l#Xk05F4ip+gW7d5$piw-QXQ
zT%v(tNX&|(zxXh+mmC3uF#~mh4+a(ZA7e27|LX}D6aNd07-7^!kHJvnrE!Nr5&uV$
zA<khp{xT3Fdk(4d5A9F<!2)2=Ma3`}9Cj&$P{bvVVPMpy{J`{gjx6(!lJf(w!2e}5
z5;(_8`HK+-0iA=*{6)hEU#b!a2!XuF2ZLhj?}980Q;`>k2?F|GV}O6d4}l;rd4kDb
z&?O}hDEwlyFtV4T1%V+iXFm*dj_dQUbLa7gK`;gXUm}Kv5k5!W`IqsWhRO7c<q5;2
z^~Gxi3?cx#EQ|VY+5PDl3PvG-OWwgC;7dv{nlJKUgi(Kag6R?pLtRQ>7z~5DdchGG
z1a*$fbl!k}vL7Q1zsQJ5^mAyV^Y#xPrbFb#Xkm0*Dlv>K>S7dNm^}YGTA295FjtjJ
zN|4}7A%tV{@^4{GZXl7Dt{(!JioKX{nEVA_GzI~|6fJPcJAunL5IFpDl?Xu2p^*NL
z3<3haXdn!6dFT)b)H#;XAK3&n79|!kp%9DNP#i8L4i=XNo!=UeQZSed1df6r#St*D
pI7$XABQ7fZ|K%_^2kLThHF0+JbT+pjK%k%q1OYp{w6YAr{{w2N07n1-

delta 44272
zcmZU)Q+S|JleQb%w$n*Ewr$()*f!qSwr$(&Bputf*<r{3H~X5IeK1FBT~&3q4xYN7
zs+Io^Q5FQz01paGYi&Ajj-mRUYRcK!r52_zW#MkU$lI`*Sx~N{W>#&_`Qw0zqT1+L
zf?%Xq`36q*9{_T*Ai?<3;wnip6Uc3_axdpMi{(Cdkf?H~i9lBWkgLet_R(ZWm7(&3
zW=2u|X>zo#;un*l{6#v=J<dHC{5xn?Ir_iwLmkV$Y#adiewfMuIymZgrca0wzYlS<
zt|w(mEFN~LVz@H2v2yYy(GRmMJ`^zOm(Z^Yyto>DZRbfW4XEpn$;pV7xX#dZ1YxLu
zFsSZ$wjIOr+|kTtLa=&09&lI|WKaEVME;VWR7bLB;DzQOf%iqU`$?>~rLsX_hT+3t
zJXRvtdj~Z9oVHHRlGfAU|Ip9k!}qU@_1kte;QORizKiCnRvM-?h=Nl`&Q{kcQd86W
zQX{u)R6Pmyz<!@NxoXdTAvV7?C(l4xr3sNNq?b6gBY<F-fBpV?wzS+U@c*)!hgxYC
zhJDVg-hDMd$ZZe*W)6$f*EH|o#$u1B_fts!fd*t-`(dPu=LJXiBdp$I)KMY}W|Kw7
zi8Ozn3T^fw=r|v&Q7t3Jym8&tq!C9elVG*ciLlM6=R`DJZ_ZT6N@zVgU0(?(wpAt|
zSBh~~B~+6d$M{5^;bFY#JzGpZa4xQ2Zh8=(-0tim1iH!@;%Ex}MN_v4)bL6=vOuuB
z+60!?M%D>8FkU4v)ahhWETl}08+X;1KbprLsy@!I7C#tSkR(TiHxSHvU?IMImTB**
zi4Y`T;5>=dp+yP<>(O;MU#Ow9QTtKZgY0HCiwXz}<HH6#JS)H%2GdqmAjRTiZPCuv
zHJKf{>JgDmXIl9XyXIlc!))@lVIP{;;sGwP>yu@jiB|sDFmA2}{f)xHf2)O%$&jEa
zOIFR^80goQTSi4d4%CR0p(tikyu~R9(kD}h1t=<B^NG{=S+c+J2MV|c7)iWI4a*3E
zxY7@o4X`QJzyq{Uujgxf-3UtzL<HO@!v0w7y>!g_w$eQ5nS_Td;UB@=H4+>A2f%0J
zk#%DndY{}d6SfjaKfdnay_A0A;}TmNt^?DYdC8kSugxuQzHoL+-zbBSbtjH_2olrO
zY7vU|a=RZ+UL!U?G?vlI6dpTdOW)<|G!0C^I3oB0T75!9;Urwk)FtTL&=GG2Q$6#)
z(JxR7U)=ARp>VM)F|=<r58|}kWkAZ6F?6rQ4F-NhSePE?%Rhdw{F+#0*(Dr29~%rq
zIwgT|e3gws7NzpRc-<(QOkcU#*AzX^{W@tf<?2Ai4Eq^RX<I?S?`r)?<C$U6Y~fNO
z67H`VK6oCNyg0^#3`u25513w0)t<W2xJyfL$>o%6<S~9_MW`=8;o0Su3J5K@KU$Rl
zc)fL2c43iwBgWa?4T)az^2YDh!>BpCn0$7r6|B(euG<P?b2P6oFhAm4v~D%pNo}sx
z(!&lAe#K+<Q&IpeXN`HCp?}#0nlr=wE^w=>s7Q(0>?Bz+7XE3sM<;>bom=M{)kmsd
z%{Qrn5o_2Y%2IQ)+JU`O0FCUdus!=#$;NrVdp6CbXUI`=i_LkYPbw0xSP7KMLXG?J
zZ`Ku7zojS9Na&e@tLHm^-eXiUw{BOwiU~j1R=M0^NieZd{G~IYQbXDh!lkzF9>sqt
z8V}N+1bggCgN&;Ekp{Ns@sC<fD88RzhaJYbbEaK7goSymhCH2u18}8Y+#~R0i|V=k
z1818X#<YbM?9$Y4xfyi2d6N^e#NdN_rPO+*8%XZd9;#9xORdtH#yg?#e9Xfb<(YXk
zUpIE_&~$4$bbcw^KDI=o$?p#-4MRb_en^{gtnVXRNyAAN(=QF>NNqMzt@MiTAbg?k
zrHq357M13M5sB&A2v9=j6A3OT=Gykj|CFxm!7x(U*(c*-y&zL1Ua9hO1zq^$(Q%fG
ze{vsqvHs-kxbU>@Upl$$mZ_&dCR=wN|7(Mr6Dp42Bnr2{hlXN9y5PGO39-}m_;1kP
z<<6kMtsj$q7H<=4&Kj}=4Xa(n){_+SDO;*Y<wpv6<wK+pCSVv;AXMfRa-ZrfZ$;AW
zBo(K0GmopO6$oiH9qv3dRQC0$$2sUugTLGLw$5Y^d53Ea?J=wOmkiAe#w5{VAjEe$
zsjPIt3b?9FZ{7KGMHu*-mO7%Zyv<y%oe@jYR$ESSHFW-701ZrR+!cm-2PC$T61G);
zM5p(<J$Pl12(W^t#|0&HZjR0ygyb;_c72dspm(79Iel2iEBQ-|zjFj3rAk{XoG10k
zwMsr9F>ueq%dLxC_(7XWN6~83m{nJy{y?z{DxbPbMk+6Gf$&U;);lZsaQzCB<fo*_
zSzV)lcH*Iuj++3&0#qzKl-u@KbypsYsMVq6ur6o}GQi*eLRGE%oc2BVhJ?0lclSgO
z#?YmpxiAQ)==0-}{VQR#4msuwll}EO${mN+Pq=2=1M<wZ|NGPS?eh33yt<O;r@|^I
z558brC1+Q`vp~&LokVSv&(q6z_T(ka+w1)k<H_TRJbxQLZ_CbK|I9CrY{Qvv4$=DE
z{@fh}2jJvM&QVuZgWrwTKyAx6Ag1^xkH78DtyeBc3-<9^LR0e@ZkN^&RL~M9L<e_(
z0a!m2REbW|+;}~);EL`i7yh(l-Zm5c8E^d9`Ic0&q)Tx>M@M{FS@D&Kf4R(21e@@k
zUBn*Bw@V_Uq(`IoG)eI+eQ$%*oT1p4iyNTb3FP71501(x)EErsz65vdSKS##z5`P)
zZ#Kkc<S5vav-n2q)u+NZp8bl%h3D{_bg!HkXMY(kgB&m1uXV2H#)_pqRfO}6PSxb|
zZ2k~uD~EaorS53Tzs4@N;JSYXw8_2~X-lKf$*yr!+U?ZlkT`m|n!mN-8^LodD3!=6
ztCPGFF#isSSZephXAS;|CwH3M|2rQ5gG~UvGqX2!adkE`wuAf6&Ec0d90v&#$$y<J
z%v@am6Jufe?;sx^qnw$&g{vhA3v)B7U@9053-f=cIGCCKx18<&ma`|L3Q_>mI`S@?
z5@@}bnsS|OKaa3LO`vwiPe{0zHnP`NWNOsVXj&nY$YGgbnLsRc`flit`;)#q>MfXp
zk!5yDo|{rd(ZDj!&;38&+~WPs@+LDSzgxZy>=gOjJ?<}IHT#>M4Xf#Sb#wUoW6r}z
zt|R?3o3$Fap0+8>qOT)~J86KI^#ezi*Yl4FZM~ioK`usvyuR1>tylN2!)c1n%%<w_
zuEfprgLL%$(7HRnnr5whIRguEcdBZ}C3H^H=;g@#4gtl*=g>EH{`)h~(eTL8CvZVW
zaE7Hi?Z#P-tMT4*pHUY``oAA6cJT)hOit))`~MO*&Ze!}l|kSahcf`Ka_Ct`ZU;fk
ztypqJrts%ccwz^e@^!mcXbZP|OpgUGDq`=`^G?M%MepTZjcs?wg6$bqNtMgF#5Eq9
zCLN9|eIJCn6*<pY%)IJeMq;hSP3&?Q^2^bttLJ8ovuU{Ti?W)dtW-#w8_Hn(r$k;0
z%0B#ZE~ld()}7VFyFEZ}hqoKMGoml|eN^-Kr9{8k77FwV{A%$nIHx@M?AphBliw9S
zbXEpk^K$p+Oy@M`y|SXD^83N;>hoH!UB~GUGBoq-=<>EsPbY4+Z2?^To9@0_uak4z
z79%#j_-<4L0+Au#x8}<(zhNq}{gZi1b-t_Xbucr64mL54zXrfjU#4Mihp$_s=hL%1
ze5I+S47R8*+6Ww3bQ0#u&;4!#f=j!^q-$EU)@c+QX&5|W!wx>ge<opB^5D$Q`iyG7
zB_3EaWD=8=EmTWvd5*FXX+4^Zyi{4WYpTNalfjSGwK?ck1%or1T6s5CQ2E^bX1`q=
z%RV1PQP&5$h!TNN?|r;Z4sj)ZBC+I`rmU}?f07QAfvLYqQEPr?vL~ft>P~i5P7rO7
z--Hp$@{b|0_l!~{?-yRyuk~^Kh28W^9)xyXAWd|``XT(DWd5YPw!CE#d!Kh0j;g&h
zwBcp2JRM_ZtBw__M?-s`W!KDZq=HwM**N6a*CptzcLfE6!M43Ot_uJ5|7B-T6-sdP
zwO2E7&0uqXEMZ+80-dMmEz#RWILIna6l&#&pjfnNY!6X5X(CGy9<y_QUcPc$i1<{p
z^8~xvj8m8LV!|mFiyk&mtOfq;XK-^l9US<R`Za;`h1|9*5&jfsm5tb=ebf7lK=3*{
z6Z4XR29Xu`C-sX#PC;eg6~HN_P?#kL*ZZX>`Kxq@4N}_YcfKjRu@%3n)7Hcf7mU0?
z?m+y|A1-{Hm=}(#6RmQ`6bI_T-O*4M`gW#a2Zsu|Oqlk=L*u%1T7(0XtY88QuAvbP
z_i1L3$?EDCJ%6`_sQcmfW)x!pi_4i?YlllHTZ3`H@P%8QN90BWKD@`$^vU2a%Y_Rb
zF3AATo;o=%Bz)lgR3eY_pfHm94qHJ6)|?wSV6m*D8}%&?<$#I74%Q#Ml(5K%q0?c3
z3Q}IFE?D79v(bdLSkGk~rN*QsNYDlT2j%CVou8Z6_XqYR7zJfwC|ac`ZJR>0N5S+3
zSV?1mv#Z~#Me<llFZ%=DPNMn>0vmWyX~d6BlBy7F5gD|%eTe#Nk1KN(*>#n?KvG2-
z_a9;o>e^j+`w9OR%9f`wzCaOdGVP9ZB&mY1F!WuwnC91)GM`i5kPBMLzSh<EBFe-;
znarllyKCw^UN8$0=Z9?&rDXkhoPSDF+vg?$6opRKj2txFysdE#yTUw|;FdQjR~PrX
zesIL<3$oBS-FdE9(>UV;L;R%lK9Ye9<wf+A&=AFavmUHzyG>xF*XzRe95dZu^$8_t
z%m!XzAS7&8#Wgb8yK?%NQ6q-+RPY&2y7nB`LB?>lCVn{pRrQZ_cF~}!>qKN8|6C0K
zjz|9eb>iz-D(fx+uDr7Tn`oKBzTn^fezC6U<VU*glM}g9-G{8a7lSZD44aB2hhiVm
z4R#l*wVtDxXT@Vd^&Y@{R3UfIg@ZT0XzNGoerGeUl<Ah1?aY1R<#5(X&Ryv;K$G4N
zQuc`%a~*dp{$^YD&u_*}8iHj{zsv<dTw_PwrwS<Ol)TCC58108n5pc0;}1fqCGcIX
z)^EEQ$Wee5&~W?kXJvDeTTi@9bP?H)s`Ka9fj}pa#Cc>l>#R%!6>m$;4ks5Br(lg=
z+EJEWy*-w5O~J^DRSphz*D27oS2e$s#Cm`#QmmJvW7feG=jG8+S)P?#IRXc2C0+#t
z*d}Tt;s%{s)Q*aWu<28s7Cj6VL7<b|vzr{PVd<*98z%3gte^O4w#T8Rde!4*282l|
zR5~+{>Ri{G_xR%cZZm(+H@8FI;vP|uc4(;8hK8)KqIFwI3J7ZiMN?e7)+Mon=+H9s
z_V5rgvr9H7K@~FRw!;Th`rHF_VS17DnUay-;>m)Ua<s`-S?v#H^rVj+n3i%U6xvJK
zet%|Cms~vq@HX&qu3F+wmEzhWsoJ4xq4bg~SdRCPX{cW1nu>6P5yB4>QG*yy2BROS
z<C3}f;7={2vqYBf9eyu9KIY8!qYhRAS;PJ%?A3VdkEOLR2nGGtH8wy2FG^_xtFj`V
z)X7+C@uh}{eAQXdk!aS%MK{r?Bs$h&h<LemQx6k^03U-<NW8=pXQt^7+7iGDiKSps
zdxe#6zj7J`Zc};cE8Bw*H7p86er;yqmG5Mq)8b)I4&v+e-0JsfxdBL0u1_Md%dFx@
zC-DMLfy!XMb3^x;$3LL&c6~{OSlJp>K8Z9KthAMic+PF5;;KfCi=4Dr1wyy0k<{=_
z&ueF$dK~#r@uRg*GX}pDms*3A{4#zO$k7;I%KN)*`7d$E@4hXEm4uEc?zt%%Gsy+a
z&zSPy;HC4f2JOXJn#2&hrGk*2IgoIS4%~6vP`I;f_MI1#v1EXuV~IXM^A9*Vm}I}3
zndtA6oUH0KIqwPO7-K;>R@@K=j^m%?%>P<fA`Xp13ceKiTC>ne2*_?)Ah3E$JEb1n
zQVAu*`Cv(2VvOTysm{=5@6mc|E}Z0zi_G4II1ojTD$}TAmBsC%J#n0VffR@h#r*Dk
zOdpDIHbhJ-4VwTsZ@Tif%vDhnTb``yggw=qM6oep_C3Pduk$a$Czh=Z)x{iTVbRjt
zWn8?4c?J{lSP3oh$A_V_#mJ=*%oHf=3(`bT>ryMT*ktKcZYkZA$6h3P_*nzy5s5zE
z)@NenVD%W)`m%HUMZi3-*Es$n4$n`8;vFnWR@kc)Y()SKJ~cjQ+Q<29!(AT>;EBiJ
z)z6Ug`#5eD!R{T90kFBpqeVfV1~F8b391z^qtwwY!olldI1ssU1g(qkjy;15c8sH_
zy1XkLvyWpTDggp5$0S&lahp|J_Ufl?hP5Sn<T^{SBzsHMAV{kF=N(u0@-E@-S(fal
zaKf59MV3I(Xw6(R39J;k%38C*_3{<9T6eAK8Fnyi-x)GgUW!UC{$F7Xv3&WJwa{yc
z_#HX6+ptHIP4Va*9LF?8(X3f=m%TX#mx@(;!v)@pUkSnv9wzAoB3PsR6}JPI%C?fj
zO52B^KYOz9z)ILn!1GX5i%=DLN8T{n#p4}yXD<PhcE24n^M8ekRy^<F&h>BdRl;MD
zHU6BC3w(^vR&fErqG~AWrha2v(`!hB)ulFgYP{pe%D~%;WY9G4j^FS5ibMO)rmSUa
z&jq=dRtoi492vs9x|W3PRW)DMTD0P|ST9XJp7yTdnf2S~=fSCx?)Zph!eH%7<lU0T
zKN~=aoE%}t1QaI3#e@NWXjbfwEM~$Ep>RFT<3@T#Cb&&8FIQe=LBc=ttu=a^o0gt7
zNAaLd{Mz|Mr3ulzu=sr0y+Y4}ILj6MjRNv0FP^sSKZ`NubJiV2STP-!<*2tiOA{F(
zctQbF31f9`yg?cwO;m}+?r`k|ao&}^EO-F0DAzoBDS5IxXVfOgc#TM8`r2oWua|GH
zf2P)WRvoC#onW|i*?!dCzJiTvnmKB>zF#}7kjrVgXHcn9-1W5fMl18lfxh8IPmO=R
z2=eV%=&lD%)>Ym}`0;-8MHcFMMIkjm)e`g+0TNso#2<zVO}w#rxHEmW*QNgN`37j|
z6)qbtWsx~Ps^qyUn1_8Q2jjRp;iVAprn0D9vfl0|WS&)(UhhsP+k5>?ocX?eDphQ`
z_Bgw9v+zs1gpX7{0&{f}PFJqXN5TPtc~pI{0C|q;sCn<a1m)Vce|y(&OG1JbEfwq%
z9$B-3U_?b$w0_|eIDabnqR)TJ`2yg`@GzXR4$InTS6>+13rX9EHT*7zxEc+W&GOdU
z)~u|=Dxx)I$%RYyKebi~ik5U?i6l9Yp}?)#UQRHZvGlD`#z~2rjwPlCE6Xsu+*V(3
zs^BjKFzC~TGYhkKZ`y0t9MV<f1NX*s;@90`qlJ0LmF9=m*^0u^2+}%@NB}7@ro8_3
z#)oOK+wiSkBKpK6-bdY?yLZQkC)da3yHRwW;)0fm?^pASCYR&bmKO^w1KxMj%_Iha
z<>8bv(`=n~oXsn6ZcDv6ak*Z5#`05#KA;qJY<p=zJKJ+@|2lj1ffN3@cOk>l!d8`o
zyVuvv`+57rdYD@wA_h*B7m&@S^Y7vU{GRHg7ptqI)6>f}AAsH*z=N3>HSA3P&`Y=?
zbYmS{SGH6#IY2c2hLg*>T;tJh@GLG=LU=vv=6*vKchffY-5h$PUcv_QGySI9n*PYQ
zB_NS-aI<>TK5Sj!+hz1X_`uuB)Tfz^rIx)F*HlIs3+-93C0D5m@G+tA!O;Z^h(I2|
zqd3SGRUCdFqh0(`*pL-b!*~{$l{gXY8Fg>q@#>q3J~jFEY`ckl?&a$@>u(tQW1IOg
zNnA*^&4s&V--@eGu}X$t4XqK6jV1Fx&Z&8t_&YReRj_qE9skG=twBBP*rD=Z^OWu0
zt*b|Me6f18p^64vz_-fVK@lQ3+^(~JoeBlPOIP}2>myYnS+j|Bf7j-Kuldz;_~*5g
zK+TcDuB>TI<s2m{Eml)Eh09$u-o!6OextjyyeyFu($<i_Ep;l$441Lz2SnIj=3>wV
zis#Z7(c|0x)qipZzS7Ge&woV1{lF>#_Q|<6npCAFIn`6R0dd&5meoY-Inhs+TtUW1
zSvE1PiP(9UYi$Tj7jQfIi*VdaSHf4DVU0V%EqTP2TyO3^lHB1O93<&8h6s{+2N)dJ
zRD3Qz#~b@0w%DepCE@e3_q6d&J&pGoZzHly=0GJy!aSw4Kj?KIEQUEB=-(gENmveB
z{{#7~|4aES?Ej7EtlX^3|HJL9{}=OFnUhidC;=^fm(32$+`bD<qlKA}iwG1D|8hoo
zJ<9BDPtDep%<Bz8M6us!CQ(Od1(>%sh7ZL)pb1686xr9VSCNEh9b6qRTP}4Uv}74%
zMg3j*=f)y)_V<?|S>+Y)i9~bNPp1Cp=g^n$k@|AV!%8WhTnck<On*gkl#pxV(NEJ?
zX#tPko-)C1&E4LQztg`zjsMp3QuSpQEhnoTFzEvsOlU?YUMLp1@;NpJ_qmpN*_>QL
zm#zmRYsJzF^a-nPnDdO(wlT1+jC{oJDVeHX>-S)OPqw{)zi99c5<@IG0XWDi{4^|J
z>^^dyl*k{Lu@|j(Egrl_oZ>W6s#I|V4Fvvtm%}(9kqNExc`yVCc<!|HOum_|8}5Mt
z*YYVYzjh@5+!4U^>J)WTCA6kwaW!N&S))U68cV2VtX1|gl<>Rcqa8_s%t#n>iJMib
zOFTv!<P;Mp7`z1P`)>;=5t6wgc`-)42Tl$xsln5mb~qhBajRTK;yN)bb?@%?f#ydR
z5-38)H^Y%}4^{YNZazlD1wDR2=u@hUTxH?h0m_Up=>-c6G)8fqRPA&j7v<JdxaI!%
z%~<fO^UZFy;YJ#sGG$x1?-dPK#wfgte07mDLRryXvRtu&#kE@!YNs&zdy|FLCldzD
zE*Dp7*hV;0tS}6Q6A!f&3yG5{Aigu{3?`<TTed3))F)_BIz_xV=2>!E-a=`I?zFop
z>8E01WtVNBB7t);X^Of_fI*`b3$9Vf!SLmz88`B~PNfH^*(2HRC<TRno4l3lDrRW+
z@j1AJ!*vnPsIeg}`svDeA%?09Q=vZ$I|C0~+9^8{b&CYr)3mZ*CAS<rz!5ZAm6PeS
z27i_YTH~wBKF9Wt#fqUgq0Nz+e#96D?@Z^%-K<ox2c#)f#e>x<hu*PzWw4OMyRXnB
z<R=k{HtB-@yb=gUgI_PUzTjLR53{-Qma5jL#xC*EvHM(i#1k!yIUO_f1c#=GDDA#n
zq#9%^eN_r}ahPlY_Q9SjAoQ~tmFF8{J*oxMbj;{y352yXdlU}ZCI&|lw+nKJ_dco!
z-zHdMIV~GOQbJ$#ZP_MGG>*crS+5DX!pKx10!sdH0%K})VQ~e0+hFTot)aiqdf74`
zX%bFb<kug&1pYF?e!#En@D$~|W!VTH@SVu3;~D$sun-UYTiTbO0op?``<pj|@aOhJ
zo){-rSF2;0lP38jzJx~M#&t?wKhc*;P{ZNiTKjZJb1ChR!XgKFjR<-Zu#7_YlicBw
zrI4v&+*$V6)VtB9t<?~jy4J{d>l`#!W5Dy!#2`u}*cFS7m<Rht-xg+A|8i+Q1-f=g
zFh=7&CRzmF1-XH-10TtEX~p0LrwR+44uGJ))Yt4k{eO&-FNb+a0Jub0mSkaCI;(`c
z(?W}z{Kz941fw2fr0|`>qw_^Ms}nH|fs~SZ)Xq1g16%{}IR^JSMV*(iFq0s7FRCAa
ztIcRBmd2@}(&CD(x86&AOt}%I;Mmfly^z;3O&)L<qunb5)P@N4BrLB&REgTbp1H-&
z|5cFv4b6ol=K`&au|caoiT%)7v+)Ddn<DT^)bM>qVNa#Pt6g{oGbEuX5vx4($-aoH
z#fXFthPs1@Ct!8+`85S^MBFPg^86u^h&+~jE@Ce^a7SdK%vhu`pXuzo(3farC=035
zS_g-<8DpvtSiWfh*JEE9Fv<N|Tc5@^t}l)}w5F?rwen>`QuuwFLr%aO{UWZZO^>bV
zVAv;WgChuNxrIbAN?W-%+2_k6p1m1)p_&iAKEe`k-w4}nbV0?7zSx=6Fro7sUL%y#
z7ZAtfjy@=d<hrRUFYBOLBsf+$fuoD)-kpq`Ib)mv50)9M->i5XZ>j|)lb?cre9k#v
z=#g}H_zF_3n|qSJAHH-?eHfmEo@My>1}yhMF8@sbl~m$0(A55sHUDbNhOyGAO$T(%
z!xt!ubl=*Bc)lOvKTh-@GRyuJxO?ZUo+Q_=-IewXa=m=CE3K;e-INIx_(a#E`5>6;
zn+@y%=MH<Sf7-!zxueMPJ%WeEx^tSJEGEAU2Igo;IYL7IL=AcmB^t9jqrC+B!w#bU
zRd7$ad4SIf4D-S!U=3V96`Pz9@y<YewwuO>;uVAyP?U=I#v7PM$NEf+@vV!o=smB&
zf`7c<z9^p`z>GU`^l}5Qs)Q!ozP=xkevNwtMB|<;I>{I}<29s&MAhoxnA^dsoOG7g
z>4f`*DUtE_G;|{b`{kZOAX!=h!8znDz+lA!qMv(~g?8jufL^!9n7;3_geN#Y!4(FC
za5y~gofYvBR&GNBZRW-Kx`A++)~25vLb@Ew<s!Cw9{h*4TJjvv#hqJxzbOnXURYaz
zrnnHC=Z5&a^Q)fpJ=j@uBRnU;>6hXZQD(=fqwR;muqR^37>evSlA_>_B@d4m;iM40
z?5;-Q-(%Ta^&@RoUJoH!e4+zr09^hwzx>be%(>{Nqx`!k!*6Sofd5hF{}pG}|MAqB
zxj5PWOPq24%aCXNzpgs#f4S<EfTpg)76+Du;i=|bEt-*&)WwZ>pc`7d8$PeWEQHi0
z9ahV5rgBXphKz}Y%44NN^jGR<ybpC$SEs$s(coAFU;3@@DQ`G2>L3Q{Q~i7P6*hz&
zHZgX~C#D;a#P8i`K<6OxH00ep7fu6*3ul5Y$*gmWofp3^X!+UE;Q!?g9M{w{p7Wj_
zUp_SBpN>A{@956^;Mc~vkv~7b4F#bRv#vt2Ub-6V-v>E_esp~X`L!ru*@x)kjcy0N
zsrZpyfQLq-7QO|a{=#Zrp<zVglbr3;SS1X~Y-;F<>=q+9k>m<uBH*<A)XPQm=YwI2
zlM6Y$7`hKzxcOPkg#aT8AemhU&Sq~|Rq=lwQFQJtbYe@o4UL3|ZCJ$<A?}Yhuzna?
ziP$Wbfx2(cmCzG~J5oPW|FaQ9xuUI3Xgx}uz%A|BZ?&BBvxse55s3<3D?U+K(npg_
zkq-iwlg4p7ttrCmsUj}~4P15GmKX+cPoMK*DwRWJR9PYm$eLXS%nixa5kHWw#fNe^
zxUfP%a(BtgMOOEo%>u2t0>qa54L@C<PQ2Y3voH(zSqFE<o4d{xI=3t5z<CmPkcHS>
z#A${F@1HMxpYBf%y#4;3$mApB|0Dmou6t>_2op(Ud!Z|0o^7IGdkxeBI6lZYNN+{4
z;7XWTO~3KM{EmtNfq<@eVTU3tQLBPHKg1fc#L+5L8t<vBZ3G&_{q6Q7hDo~iF|PjB
z8&7A4QLZ>`6zw9Z?i>UohL+d4^sWw<0!Kc!naVmZ4C7gLkT-f=YKhc@Y?TYk4;<Eb
zx5)pjMY!s6@&*o%igKKzafUE3XYkz-CF3ko$MxKZGDJZEsoC5PzbYcnVZ{kkt~?tt
z%S;LlxSr*LzG=HJ`_6r^MOfSSWek4wj87b7%cQ+mWpWpjpxf_WD#mcz;}~Nh^@2cQ
zlJvZm1({d7CtXIxbBSx;Nrv2bnHq6hp%%|0xP>KRygQSjE2##r2hZW`2~~E9q{N~u
zUzeUkQ{Ev0GQ7-^uyR8qHxK297J7HxSKx{Qrw7VM>y_rDd4ClAk~bJxeTX=GRUXx9
zK9Wl$UkYkT6O}v5)?@YX-}{jcprt)OkEN7lW$j^G>{yhG5mS6M2uIBXG`wP#uV2Yp
zLAZpu(s-GnlNIo+*(`tb5FY=QDxb3J@qPrWMUkWdDjd^-<w}YaOf_gu4m!!gszAdc
zjKUy<Z7P$U)xjjGa~Y#|+o9L*`ytz?SV*RPU7(lAup_zIhQ}@A7rHEzcDd&*rv#~V
z_AOzUdwrI|YfyhSf$6PO(2&|J7r!DbY1xD}<}b0zFb{bl61#ekUEuY$d;Uk5P_B>&
zZ2Yc)i7sw8SkgL;`-JH;EOher+iTuzn&H~wG#z<<?C|*ps1`gd5kjHVCx=}5))#_%
zsN!}VDn6dP)mVw;zc4XQyZO_M%4<Y}A#aUO3FA#`w4J^Unc;=|l_O?<Zk>%Kvc@^!
zm<c5|-cBza7&X7GIO}NqiwEJ^D`*o3B0_Wk>c4?twT5*GB9(hSh1mg6LTo&9NEjj3
zP=gR!9=eizF+|!#8X|S(BaXd))job{t0L`VFtI%lu-|jBVg-UA{7I|y)Dk&G)n7E?
z81OTBHANXmktBcGiu|>+-T?cy6wt{x#XqG7afGZtEXv<^R`hTe1J20O@&Vm|1}E|h
z*fZnar##Q493RAGWJQX=_)$Dv#}oIT*~LPME_@oL8Wz|eR%<H0bT6n)j1RST+9_#T
zt=}5iG_d-Y=)0PoT*6NZLX{;_td*3<Vo#h7kNPQhVB3)jj$%<3lhKE05hh~H#VRCS
z5vOjiIYMsAHb1-c!(9>7Hts;T3gLE`fCx^@RW^0MF1?jw;U8f44TUgHN8T$Mdm?O;
zHzK{Z17h^1wTDZ_y<x_u%0Pht40UMuWS&LnP4Vv2pTH(E%;#133?%QEMWxz*pJXqQ
zo5Be7VHtra2$ZgcRiBv*3lc<o#%Vtq1_|(}r?C#I8sPY>pN2OWO6Sh0pSgZw0p;xH
zOd?KfmeK5Sjsn_$Y(AOPHC9g<8D|WNpI$691?zZ3rg!9q?h#+u*hsDp%|c!eGocB*
zwgRsRs;W{DHwY*i<bE$@U-4ffoV~vb$E@+}c;7dvY<PkNh{hT}QibPCF21gXVB2x^
zKm*y+riYL+-n~9gN2vEBKBw=z0K@Hk6?ciY_V@LB`wB9F4Ea2~6X2i<rkLivLjX`l
zg-^1`hvvNI(=l<Lt~%InoR)@n``NdM=;`@|8?+dLdv-zpx!b(eP)(0hx#v0)?P`_N
zWjE6~(Ans#569kNpR5miQbA_gZC=Xjyuu1!M``ZMsw>`Z1gfA-5!(g<3N{T0Q7$7@
zGM0tOkF#}Q$F=GrIrsGtGZN#QkYBa>FEq0YiQ=9{=<UQN-chPh(^rC!!(w*tdERZI
z03>QHmz`wS-B|pR{pO_Ji*tA{ln>HV&h?-8!+`QObT8o;{mWFT;V-1Mqg)aRoaSX-
z@_VLcOPd$p-hbF1?}Fz1S_LKlSHu4Yu$j4;|9`;d`agql)?{X5N}yDGJ#JG1YozCb
z7A_1_Rk&FVUh~v!qYcf&w%tcZCZU87!nTQGULMn|X{qUh#{v9X=F7=m-3fg=j{;{c
z0K74+JICjyGZi_)C@SJ>@gv)w3Zj;Z_{Y*mR2Hy6@7<O&RVVs6<jmd}{r_orTrm!P
zJNoJBE!NHb1>z^L?)T~5<tqsLi{M{_eWtu`RORgaJ(JUnVMqN*e~(L%hiVJgij3`(
z&V=8U<W`;g4h4&L^hM;??}qra^AO35MJ{`+C5K0<B0(kM<_M+t!RS31^Bd_S0h+nB
z9~aD5kTu-qM$unqXj6}g&6gccOHVK(bkB*C;LV5kJ^gFIP|T>Z&AlFwp|84OYlaaH
zYCKjtMfb0zO22h;A>Lm3N2U)|9QZ9%VJQTsu*;V!-xVb@(r+56?l8bTRId6^AyV!=
zx=D<(Rq3qmZ{*uEM3|RNZEsFY&hZ`^;=lojr1|<m`eeIibo9s=J5fxpb99e}yZWWn
znVbJs%(D-`6$id>a*yoQmDslaTD$%y8(AQZi?kL#Hr-wR6zrJ5h2wF5#P{#V+kv&$
z-{<?syd8KLWjT5-O&PVb9aE@+qj?Sk^*){xXa1%LpN#k1UhrtwCB=seFRqBqL!`**
z-Y@a;uwRCvrGsr}%?ixME!)eKuL;%D)Fu89RyTBja=v@D9lta7N2E^24p+OhH)kv<
zDqREtY4f?mBr#NAh;xjUMN;Vc8DE9{4k;R$C79<}G}yHneZljRL<|!SL`FM4U$-!U
z^1?g5Q9bSbja(+FKFbLO(Q5{@-^o;vUZGx<a|!{L(FW@uSiP>27NlP;o+#^tgq{J&
zuG_=_iGi%6xgj{$J)U2kb*Q^~C;PfqYO0f)(<j_@QrC{%&yI71b2L8N5V4<~;AaKS
z6TWiPCNsiORXa!BtSR*gbeP_*DB}A&(%m7$sB~T-JKWOB89kO3hMY70XzDZ<9*Yi7
zrA^)Z<4t<Ur6C=HmSQ@QVpgoS8hMY>#)0ub@LdQFo(9-3$e<U!>C8RN1Dk0_^Uqj)
z4y%Tm;E7mrNFGZgae<fIk`*kY<~1|sA!huAXcYOGkG5xUf|r~PRr4<CBb}BK?jyK`
znpQ+{Npj&#C20d8YZm2l^}a=?L6ahwK^zC8DP2)iLnZx)U?O`%N6ZAiQ~3Zcb0GzQ
zN1RcHNhHm_Guvz#Ro%xcY(cC@7rYQ55|ufe3u2<le=9p)0O?8loC0ctxJ2kgRgi+K
zXi2+L05Ski;REZ!Folpj!&BL&bXN;DH9dbzd@zp5dcBM&r8FEC`LHn?Qs^gd)&@pq
zBqIh2>_&FZYq;M|n|i;vO#b%!R}c=cxFhQ)Y{`hCQdn1KrP#%GlYz_hD-!e#5&n}w
zb?65?)W2emP2ATKBG=zHNS41*U-~x+-&QmP5Ezhp(~!I8KJLq-ZF-|rNmkNQD?roT
zpRSLyUyso~P0_#z<_!J){hYq8o_v|BFjlF!o<BQWJYO%DJshz54RaZ>G#TrGS?q^h
z!x=-v>3Ye4r}r{RzFp_dW^%QO35;6F&g3h2Hx8pjJjztA<8BBpZ3|*g?9>HEncBV4
zk_n|w&F)?nS?9{{YK;b0U0tj_ROl|tW{*a^?q&aPAA4mKe+s0HinqpCYx}d&3^G}o
z0smm=*_vet=#6FMV$eY^iWMGUNjY5D&FLz%X1T0uP?%Iyx%izAH}iIstE5JL`-&sI
znb})9{C>bX&O7)^O0t(7LVuogKm$Y!s>J3hzoic!dV!@>N2zhHbCxwwEXiI$M~Fe#
zlqwUkAClq`4TV!8p0U5N*DgmOn@z1w&Y81lZGETQIUoQmDEY2EMYRgR$9l*)Y}*pG
zpbLp?E94%KsI!I;&(RbS&aWSxmNTr2C(fef@enBcRgNd4iOJMuZ>X}yaRE64s#cCs
z7WreL4X20-X~<JarzW<gw3=LEGH*eIz$2*|w)CcGSq+Hfc3F9+*RpT;Zb6mgm&pv2
zhF%zTg&1wiHBkQz3Ec)nE~Jvng2X;8T5>^rZijHDyQ3<>8dX!{FIfA6emL!jY$7R#
zv$o(ZxbQg+2L=d#kZz%H>b4$|nFuk1oXz+?V?LZ3l{CB+5&kr7!mOAlC_>?ppqCP&
zERtuaDv{v?#~cKi&Sl}>c{Xp36AzuaN-*kU!bvfin^lQ_9fAUOx#IDB6B2mCCGqgA
z!7D=hu_W)bPn(z#Az;th8eP^9Me&|DoC0Q4ppOznJsqOOc4Dtf5~?ex>PL4pujN)$
zZGN~U>EX$`JegV&NYQg-crG{SLMf5>wbzU5h|I5pa6~aFQ>i}%Y}chNY`h0<l@`{f
zMkhDT3OP=g;~)bf#h4;EqnlyZ)XWX^k7NrcPvml;Bqs7c0nKpLzF;_&m8*(Kh1bu-
z?AnjT@>?#2yW3*gTv3)j%iZUh8vb5QX=b(e7@0MzJ_E@=DC~lk*fkJjelN43KFl*I
z>plnFGgCqZ<DX~zE|Cyq2+&(a$B<|X7JiQm;u0uC&yWE$R8i2vssnoQU?z;?p1NV8
zH=TLYkTJt)gh>v&AaJeL7Ptyzp={;tCuP|0Z3={N<}w6PNO~6<nh6$Gx|v=`17=R2
z`dE%k45XmoNR9lvp@lReTJ+h}2K=gbB9xoK2S<NbT$&&&mXbzyMaDDp-Y>uF!P;eo
z@Y*ao2w4DS(#$_Qv}i~Bl*`;Wnr1E)+J>!0AtH=^Ug#)lnb;#l(8DcMNOib?2Y64w
zl5V95jVZR8%57BnbN2q{RkZ?wxXh{G$YQ#!ba2Mb28*hH`BXq*Su)1>w>W?h#e9FF
z)Y*FK$2-dTI+TEiKwN`Oe&U!4smq8?y)ZT4DxU%r>UmpOzqZE63Qh(y99q-77~d~U
zkdBIWBH0XuMWMCqWu=zxU%}3)&rggbt>DCo=FqJRHEt{$jo+9cC~t^4tDO5$mbH$9
zR^qu{A3iv|rqLQC$sS+|s}9c^B8=jjIa-_Lwq}jGC=lyocWgeMkDBv5MG2lv;85xb
z6zc)fn+k`v@7+`Aqi?=`?yvpDUWG+}_y`2HI52rea50Y4lJgzHKCMosf^*Wk>I?mE
zHJn4#p>s{djF;>$#-yr%=X#(?%-<YGQ7aY(@ztbh8}m*1_hXQZX#qT9spSO&n%PTR
zaT6uMJk07oE2W%(sA(%*D+-BsRM!Wda3b(UX~BIgZ_L)Qm~ux{7hKjEri!sa-CCVL
zWA4^juTn@Ei4}(WlG8e%QlZ^km`B4^gr)BHvw{CgxgVMjh1!+BCDg!S^3=up*nokR
z*^dR*=w}OS6VdG^-LBABnXsJj3v0!<fFG0ivkjiCdMk8ce(4;+a~E&TU>)H~m?XgS
zk=UH4{=2I<@X%U!>%<J|&FJW5=wa@+lf^!=d+NyY$Lq+eO^dIW|Eu*p$WI<fv+q5)
zcU#Me{X@fwd{`(REGFkQkj*O(-ZLl5)_OVGDTRDRIe5!m((F_8`;kRhrdI{kBBF4T
zQB3L(zeF{~(O}-cg~V=7|6ZhQTiO93nR*V!|G0|zH`xvj$rniUO9GRVZw|NpPX1EX
z^kaFE-Mk4{NCozK1i(ntJEvJ%q_r!6g0w?hcdF@d?GqZ_-Po0kf}OrwY;j@}piR&M
z{r&Ir;88~N!Gpl{$6(BIQ0tV8o~G*ON}&(dPQ|*QsdIL};)3E_x!mqO|0zHc<+}nC
zu6*kZbqPKBRr#$chG;RAsHDYo5I$I8%({^HzK0mKmvC1{SepF-VLo8|0bz1t^h`O|
zG?@5CQ*E=`=Czni+J`J<^R(npw%d=Ac%r|&g1J0xBIM!@3&tJHpYDC*eLU)vV5-V_
zAB5v_8Y(sNj5T+ZOUjfiug{DZST;IUc(V2Ce9!pr!BD4$KmPxA^xXg5yt8n#u_QkV
z2m{wT(@9%xsC~Dp1sLU1PH9Y_U!WSkjs)DwXq!<j*cPQSP8LkvE#_m)<MW<5_cWa8
zhT^vw_5mPLQ&%!|IR`T51skMmmXEWmhMfNhrK!nbzwo~e?HSRWeg1AkF7_w=?LSWY
z*uOY9Jf-|{Z0%!;#--t=F_Q_U(A<osD+cJ~$CvlX-bS$*52`H;@Bcjr0?*6&dBcF;
z{q&?%k6r@ysK3(Y$Z|V2-#AV9F^Pj4s-HIda_xn{lA@(TT^e>}0Zp>A-W(7akLEkD
zC!WakKw{D&)w$DR{k$Bu)z02WM3qt;5}!Z$mxOs160<-e2g^IZUf|)~w4eY(0~n(E
zw|96N6I<^rF-f*hVXnvc&v<)u$bRzhSbuq|>R&65f&yzJA?+R&`D1zMZf(KBb=n!Y
z6}KlzQ&m`%Cb$=WUXWF0kUT=7l8Lt)#gM5XmzV(;ZCmYbye|Eec`VuIoV&I7Mi_!e
zQ~>I9WN+<6QW_ePo>JjR@4u7kdLX~o^Np+lA%lfUrl<0Ku%^kJn$;roa_=)nMw>$8
zw4L+ta0zd&>!?hpZ|C;FtykHCULWJ|x8~~2TC$y%2qa_2_Q|^6rdsx9TXlH1U4eOC
zEW7~hPRpji`^W3Yl!B?}K}wlb(pq^s@?>yCc=EK#MBiJK%Eb(x%MYu>cL2rDb8~mQ
z`TG0d6_gwT+r)a9ddCPtfXbpcaEL5V=RbSC@NDhI_ZR8~IVCkx8R|}QOH5871x-iE
zQ?G}~*!hCM+ttPSs$nb*{R!1QH^eACeC>z2EM9&;B_^3i<hC8{7&9hydfFq=_LTrG
za?DMSY;u#)@xRA?J_b81O5k78%9D}<N6B_&*pjHCTJu$0cOjJJ`Gz}5>npCcaBI=v
zpBie*@grW&xJA0s9yxv2!!&bPMm@bb2xgthE~pq?AtMU9^m+VcdISAWGqU(0;d^cn
zMqYKqs1`!)O8>JB*a?i7lRhqj)ED^dJx?}4kME4D-1vJZLuMb)S%8<3#6Z*-eP(Ha
z{fvD}J(z=J7^hsCNBorWqK=qBT0G5ev7&UP=w`f4hlZsE>yUALzs_JM7pJZy^J&nX
zc!S8=@Mq2pr;ZZB`{<;5cXimCd9g$-8g>1zqNT+r>8}(z7pm-G>a<QT1=GE5KH_8^
z9<`32Bl!~Dr!&jS{XjN1g^R^`%d2b_c&npub}`J|OLo`xOLj4$W<@CUKre{^rARcr
z{t$BaQ(HbhRjMj`wRvb+9=XUwAa6%ij4LHdqLC?ly<ym!{$&(4ZGxwk(34EYRB_d4
zhK{~9aI@!$vrLz0<evTSO-nWT4^2WF*|`2ikH$(GT0VGLAmCA}7#EKF^fUC)TiT9u
z$_*ySt$e`rvTl20k40-Lf%N2t5*)>FDCq_y!7cI?GN1usG}&FgDy*W;rdydj_7MT$
zWO8WYGFdJcsZo^YX}eDXD|o$;J*B}OYPom5N@!1KwerUb$2gkQIYo0DQ)YegF;m_p
z$g%?n1%7fFF)&cB-p*qEJ3jzT*F}Z!7y!qr#3H_kFpY#~VUSPot9NO_rIDp!<%3CA
zs2>{MqGXzzf}c}Haa*?6<ZK7Uh3J}Uo=P0_)kAP?$h(FJQNnQ7U)oi8C_&jbUp4x%
ztUeTj6*S6Lrj9>`i7*~oqH<(KG}!bR*AwGiD&g9S3e1{<CK&TSwbuDE2C0P1UFEzw
zgPI3P-Kw`LZyXBEvt~J+^NG6zU|rW@(RHcnBa4f$gIhWDLH1-@$~{lZxV<qV9>^WB
zJ=KkevW4>x7?0~CQr&={C5GRNh>ebx7#vRKihzXHR`u;}yWup9O^o{K_?hMvFxM~&
z=PB#|0u~Q4Gd71h8kiU$sJOucIMIgA;?u+CbvN=#w@AT>MB3rtlnX?k+!Fx2ZYJ=H
z{l=APff^1~0;9PPDN^%*tel{8W)wJFYj7iLxH~X9{DFI@H&8mb@t~gHAM-@53L+uP
z<1SD0Zmy8=tJmg>4F9ysk#WvRuzGlx;E?9Df$VtDlUMH(o-7ZgTtzVNKX6y#H8x*_
zOBUuX$M1*8EtU2c4%NrV_-;zsZ|LCP7%m`6+yyZVa00ov(B{(oT{?HrK4vXrU-;|_
zFyOS!op3W+E`+`p!+&W1E($`KMyEPgZ4W_w{jIM^Zg87zNALgQxY)=c%JgKAd4M+0
z2HM2o7*9e8w|d}yvnilk%CWUJq}&!#fM&r?2e%}Q!h?G~!ToCd!oBzF0AFf4M25%@
zF2n#y&3RvyYqaTJMgMa$mKI>dcuS>AP*p?BHj-viseV?0VVUT*!arR9Sn6iEDUaOR
zP}yef!pE%2Q23|GLq5LDq!{<TA7Q@`1n}S)c3<GIYvm!IOck)>AV;aTBVmI~!;#Um
zS6j|SrzyMW)tgI37cC!)UhLpPg|y6}V4%1+t(n&9#hX6H3P@2&A?pe)TA?B7<qw0$
zh)TX^DgN2lM4=)Et>x+xV!cys*K5nEG%^o{bNaU;h#W5{n+3j7v;m!RpzA$X2M~$K
zyGF&qm>Z7GpR$BKh36aNT=i9a^WKUL_4|aYzKn%y3;dw_fPmjLC3JOhIf+|@wQrKG
z58|rMmhLa(Rse?}@`>~Y;n~S(N)dH3T_45@CA|}hY5ZritiURshQ(0$Gkyp=CLg%L
zcSZ5)MmPZHLED7{?&_Jia;_GLfS2}uMAZR-#^Z8?fZO6d$Vn{!9DKP2*CZK>o=I-Z
zIccri8xhx)A1uhkkh&szu<>(qJihmX{d}QsPBF=31h~9*MAJ|m>m~Jwt}(1({3X%*
zF4k#1zKrZ1vT6?o@lrl(yB{Lmf=CFn1f-JFOuvZqf0Y?)T;4e93ili10TQ+k5<e&9
zza7lc+K!*}+*hWGEEidAL0A~v#ODKUH`27v6UG_sbk5dPWnAMFv*=j61@x0mx~V*t
zdpu|hcxm-+HR7Uosl})~Q1V2`u-p?<E$8fa;GGMeGGRu9X+3k=(@GIa1ML(3mFO_2
z@7kCyl9&0=<po=f@Y3g*0j14c!e_YeU4dIIB>l^^>h(Y9h(X5!6rns-v6_hvHm0yv
z-%osO7eM9P@RhJ+Y!fBJ%Eb(q@cuT!o(3HKp{9InM>1vz&!iC(=t6nBqiCmJ9#0IE
zF{SfaO`MkAbW5PphJCc<IU|42nI$oaUMM@-<QT)76I9$9z}{JJ0Vd&WHp|Pn;bl?0
zM+1)|*<h4&^30P_=bU1f&HuGjBZ0bL;F|sCKcue%WN);7;@L>npQp9d;<ZM(3$?c5
z_}^3RrqZS57U5nLqNR*}p{(vfE}5JoHIapi7QY5FSXxiI;#QV}u-DGZxggz5u?qMO
z`JSS%e+)mGmg_UT=mX(TcM`(Wnl?j(EVzS-P`tA2F@f*{*U}{-QqsKHLK91SMq=@2
z3V$#%5Es`*8|~p2-uX`eaKfioV~wn!`OxfYr)FZ7LX8Is!CIDJhHn3rgnVMtKuq}o
z$^1_Q>693LrL-fY5}euCN=LXmiP`03mRL2-Z`<EVj~>_l&A@NaEFy03)r)6&aJFgp
z8wRyNT)53DmY!c?(+XU4UYih3<0MoRysW%oDErz>d?&^^8JIX!Ue-en*T$e1#fq!L
zFiYu81F;*|mJ4X7HMT5?O`t8yIPK5`>a=$>1*m`ET`%z?${>@ubbc1|Lj>jqTRW^P
zKnrW(Bl#gMwF2N5QNEZmn9Pd|f*$h-lx#GsE@P}UpF^3T!l=N%=FD6w&swALnaME(
z^UyvUrerdKPUFrRY_I@vp;ef&M=Onm8XWn|OTyN~xwOkrf>B#_#7{JWn}S_h2zi%i
z?zy$l7gZ%h@%=}h;4;{j2<<ndkIC7+e9mj>j^0)E4M3~(3IzR<U!m5~H{w&`TW9vh
zt;tdcnGoT(G^Ep@Q$;@J{MU2R)qq)VQK3a4khN33wVE!khhQ2fc=ikAHs`(4pM`83
zC-}Ybec-$=yF5>_adSodtdA2ni2M&9w#(e0h8^B-Hk`52MGhy4?vIM%r9=2p``s7v
z!0{0?B;a`M*Jw01X>g4@`U>BZ>6N+6pAcF`qh{X^s1YUUAuBKqsAH<94|>AghFu#9
zlTO+n(}s>eNI<xov1u&&{KtZy7u-nGlW8H5lxIbHNii>v2?wJE=(vVk)>!uEU)HX7
zsHG4g&s$mcaac3Y?Wgw*NMlp$9Q9bytc!cQRe&jYx&*Ay*)5s_%=mm;>_f;uvF{9}
zno4n_$}%#Uoio(0Dg1hEE@4$8S}|JnxtMSTPB*`NQ$k~%43VRf%DZMtM#P#{NA*=f
zB}5qzl{yC9#ikFbpw(Pg9lo5k$mktoAn{OC#qTDBPRf(-1K_1~I=GjQT=LgB#rWKa
zA%Iw7abqMCSoZ(N);R!2+Jx;ow(X5=+qSc@?Tt2^*q+$7ZQJ%n8{64vbMk#Z>i^F<
zRa5oW+w*ky^z_tJKi&6rzrT@m1A`n`N^@|mn6r^%ePAM8g!kVh-~K#P&3PK~dJ+EY
zca?ly`o#1D-haw8SVHbvogjsri{LmpFM5CEbG9CdKndqh=s|&~5NPSbD3lZ23x@gp
zC`?#sokO7F;*|by@3bj5Irt@f(W0?cslU9JeJn%s^+)Ww&PPPVHGOsKBh<;Gv@qpp
z*9VdH{d{r|?>W?<aHo0NW@<K#tt>nJCN)$8aO|?``y05A9dC&aZUYwkUeW;ycighm
z9_v?;U)(Pi!J{un)ve}QYSD0n<DQj=T(~fOmmpd6mrnBDb71d%xw%h?x%e|SfzK*)
zO)2oh2jC`M1sb4b+7A|8>A*RmBx4$D2+cBz@?gn#6NoERfk~kyJ?2EisvtB_-eCk4
z%uoiHYIL&T_>4v?06Xz(+}WnC(q47ZruZ{4DGOF2Fw2SiKDB6cJhUf=g35xP*x(9Q
z1ZvVoNHO>0^r)$US&W#?g3JOW%l0UCTuWY%8_*dWdr3N)n@F$2M3oP256o2+jtIA{
z`w1S>oKxD6p0)-z1<!Tob>Jg-3o032dH10|45r&Ba(9Ch$2eZtmkinDjN~JNFdO9`
z{8Qxm-jB8+Y@2I2J7Ce*Ee<TbU;Izag!WINL-YM^DX*P92=khq)7DcVC8X3D#*S?U
z5`bVb$n+-oQF=G>3Qys{;1eQb)_h)3@!Qc$w=4Ip%InS>b&OK6BBtEcy-K8E)Lpq3
z)fJLFga!>t;K>Dax=yAVNq%~rz~TeZ%Y$DSVJS)QB2%*oBe8fMQ7V{a@swEy?mIe&
zMaD3Fl;di9l0>u45LjM73hS%rFW0vUK3+6NMp$S&0}zN}(qi)=c6R>ujz4_wZ^$I_
zpWpwV^qrmUzZI{XT)+kqkwy+*Ur>PJ?~Y4h6QA1K&pTN^2k_t4YN<s5-%8tfZ@}lz
zF5nKe(ZYO!A|mJ<Ho5AKn^%bbYBitcbyexe8SSb=coLO*yRL5Gpkmn}>&A*`Y`jxK
zJoyh?Ef8GbbE?>?r-{JPh`8xA5F5`^D`xY?^KELb&*O*>L>jj(4L4Oo1u6glNj<^I
z=Ba_C+uvw&!krZ(4oxQ=M5iS!g=O09e+}a1@E0|2WOIs%;PqdNQ-qVFD&c5i({rv+
z>{56NTWdyqIP26m4csXkN+`*LZ4z9-=B8i^WkqFj!ajL}^2L(b85ndK8raPt`$X8A
z4mM$mVrd;mrCz6;Ls7LfI1U0d*6U==J?`(%9^W3_o4?m;Io4vGA3j~){j%YqW!e}H
zM4U_k@uZRaHQHl|s+ROxm70tO32BQ00ZGFQVNLrTMdX57P6BHJ&JPy@b>fV+mad*$
z@kPlTQZ9}HE1pFFoljij@Wp{3<@N9C0BK4X;*N@Tvv0Zvk|m|SOk)xt;1k&=mtsX!
zdr&*)l5@9x#o~5})yK}eL^C_M6-}D5MXv&fOA*cBK_a{0jT@)k@okMlUH{iRr{Xc0
z9~<J!{Lm7~!1$fNVA!COJa(qLE~o~j?EC|D%eygyfvppRnu+mFX^s0gDTI1regs)w
z#e6r21o>Y2F%N>l6e}J;rekfuE0JMt7kkp>&>_+H#KyoyQ%o^fb=(7tzZRz$8Ii`y
za^Bn)ZV`eM@@Dwbs!Ni3$uM=O*i~M_A~gDW1E6kya003jk4?vPCTb#y6}df%?PT|)
zO?WnB!gg*zJe*1nOkw1l@V=NZb@L5$Prp8^MbwO_kJtw@+WrJUUfLZ~k4&?#FT||G
zWiQIen})1JdXvN}B5rcwrrxg#BVGt61lrgv_MigmjX<Msc?qE+2L;@}gEPz!g}CaK
zx6yQ-61O<SIvKIXw3twKg>nGWT#jyF&8G1xnYQ6GzORtase$z&Q7X!i1aj6+X4Jr5
zaQ7n~RSB>&P(l-cCWOS#lT%c<<*k<Uu+16!zund@?-p+m_hZJRd(Z2<c7m5T%}-V3
z$b%fsi);pXh?!h&NfRT#+K$xhT&M4op4HCWNsG0zah1ksLLas%MZCD4fPMO&gr2^p
zzVow2Ldg!Q4B={f)_MZhe9#OrPp*2aYrb=aAn`Tzsq|9-5Lba1HNrp}{|c)26@koW
z(b{v>JQ%%*<a^MI!sujcG8V!f(yTUOR)OLx+Lin1W`40>=c8>^b20uuVO!A1v3McC
z8g*Di^t7^G5`d6l!*vOwk877Q!5xLs6@?BZb6qMJ&~NN?mE7X{E0cI<GEc5hH{j6}
z0@5d0ls+ziwO_`$Moj*3{y1eWh30V19D0AqBmD4#J#fa6pe{#Ud;r2!EP5gFaamu-
z0~u)YZyt6*DJ4CDn_^EG+z=1}(UbJqGTo$LyYZlgL7P<|bJ5Gtka&&RS2ldb{Tzb(
zJ?98_U?KO`hS-5#ZLkYZskZj%iVC@EECDmB(yh|~zbp`$^jLaKekUeXV<Q`F2G>aL
zHb_)1s7OdKtPJ<nqgC4uUym1ypPel>9Z^kE)baR*Zu{^uo835+L*OdL@sh+=*s0i)
z35<8ItX`a3c63XOwKXM4ljNKG1N!bEE!LYLzClk4C(5Tk9B|VY{PZ50o9Fl5&-UL<
zk|13G%xL_VneKkKuXhPcZ@;Y!7!2X2Ei+r5_NISZb(HT$QF3ZUmD`U8XEB7pdUKbh
zYf??!R+hp(>8J&zT*E%n;9vc|=x^Hn{6L7UH|e)r7=#Oh*)NnTQ=XTjJw^0ZhvR0<
zP5guPx;-d;0m|^bWrBphd?N7-Gi_PK@m|;&kRB64ZwXOwhc*EV?>duRgeJ>T+*_0t
zx=bol6Q#duS4^Kb0Ku&++N{3}Y+%;kESXpeh%p)mJt$iYL*k-K&Xr}i-HFAllfC0+
zr3Jg!-5e-zz-31C?#>^23@=j3nZ>a{4%gTYNg`1wMoDFNk=<M$A&u!XI&b+fCaQk}
zcqV^~DkM3!JVS(ERyklk=dFf5J^B8-Z^5}|t4Cg0%4ZK`^R*M2TpNcR+RBlsOhzhE
zjmx;9=*mi6fMZb>vOL<tM2C*lii%5ToJhZ?A6A~G_fhHma{X}F;w5+bhFEL)KE`5O
z-mxU^$Y2MER)&dLAy<VPzHs2IPo0_%&|_$oz#vDHMK1XiU|$G4)W+4)22~ReLDEQ0
zWjb>C^P?;zkDMqMc4Gs+@weUuQzN1L4?P#*622c$3PO&Tbe<^Y`SI_nq0lj+bqaPK
zVvQxSnw>1UfyP{RjLumRW@WgOP~tlF{8{RG&iSmC#_u#3rAchA5Ra({1r?Ea0H_ui
z6Mr6rj`yCiGlC#WKfwUquzHE*c|U_X*2*Ylh(az5a_3@APCxX&XOyG9)z^JKPmiXa
zEH2qg3xE9lCfrbv-j_`cj%BdK4+#cr6&+TPMwjT~4^w^`&Rw}l2lXTZ$;KY?%3KSW
zjI6@x{5=uLfc=KnPDGa$({f^HfSZ0|<fkf6$rH@1m!c`{+7!#<C=aW9cjw!W4%{-y
za11`{MkNCb6kC9#x`28CY@I7F2;s6PQUUzsnW$A`IO6uA&)o5)3($RMbp(SvbUBdc
zc$rc-T?}czPBCzQ7)Jp_wiVyU@0%OE8yv>k*^NzCs*l^w-A{ZB4=ep;fJ#;}!1J^D
zNniO6c8{X-H=?Ym1W!+n(C^`oH~Pq>MWarj5NoTzi%ol?QZX_0hDVO(qUfj;)36q_
z+Kx)7P?vU`_QC+s=XT^)%X=gBpgBu3WWpajLG^n;QNR7W9LnDm_GNh5<DtZ#1|KQc
zv4?GYR^5-?=AW`gaJ2oLfHVjMZ%X&<d0S47jqN$_nNSO>G+GR#IFWQvpDB?T*ue+q
zd<g;IT(S;Y5`<+!f2C?F%3<@I$2-rFlGy=reR*}NT+`3i9)ibgq!2vI<!T>AqHW#H
zEJt?IPdQN!uM+&kJ*ETZbaTY^9;^0CjGf^$Avyo}3ZWmWWJGh{0hn5_nT{nE==o-S
zmvC#Ly`y&dwCBMeE~ueZ^Z{tCPJJy#iS5D_S0oY@`-hcSfVutXM-A1(TKODnf$8E(
zHvP4Om6=2w!D<RikDBVp3$=lkn|rJ@4>=c8y3eSxt?fZ&nlcv#NP1U7blnr&*_kjj
z>W6g%`;r_yd1GF5$uMgOF}Df)-_-lH2VF!5)1*Q8^AW|@9xc~=BJ9fo@EsNBwzcc_
zDq_bXOPM5POtuy1alOAg@GwhKGsk=PW<No>QE-xh#430YtlXTOKtUCeFE!P#*v&6N
zwBs>NIH~Z#K!Jp6FF3}U%s%-dWsdgdr2}6h3^%8JWdemp;;1v0ce6)SkL->!vWyCV
zO(s)+3MBnIhNoZ8efITSFDW$o!C3C=&hp<Wk<CWK+3;74<<F|8ll410R^$Wd$?0?h
zd1YZ06cz$Wt9GG#9QQ9h^5pOI$NR~U?k+#M%VWn9Y?rsUQ>9kTpM0WGYT6MWRxgvd
zZv67NLHa4@Z08J0FPa!i%jg&RhiB0tX$jO7*h!9uWKx2}Hzp@2AAK%$Qf0irQs|sK
zr7ZfL7DD+$D4?f$r?DE-5XpCAHbX+TPOCWQ{vK*}D8<8|@vQh)fQGEoE+5AFo$L1-
zXSEHDp3)~;)ULXnD7Dd4#a$R2z3Z3Uf$xXQej!tT%p*)~Vfz^a3YWm8UUY8sydqb+
z_KVBr-n^&^+~IbScY<g7c`5dT_hV&tb5^VB7rF#u@W7W<xUiTe@3<qKFjRz^8cbq-
zc1TVrsQXTFy`hc!0}8v#+L|mM;toB!ae{bIq%!|-tA{c8W$5cOF=7XWi^4(mHv!wK
z&NQkFFxwQ~ZH^xUkGKi<o|>>1hwonwAMfsLO0=MmXFBT{Ig_d9KEi*dQ14IED7H4^
zPxlKB`vF6))>$t;$UCcJq_$&t0@Ap2lL}(m7ZrRvXcavv04parTAd>CT_8rQMG9en
zT}>;b-ukOQXTCt5gc|5_V<MytG@#6dqXfA8=JD}_HeT>eVnkMHo&@uRMEy9NeH6Cw
zS;p&-;5!Yr#+UB7Hmoho6U%6Xz-2(dkrd4sO)_6sNLpMc-;NDJ9s)OC#XJ586a-o4
z@@EHT2^@(%fSVQfMWC|vHab<l$EE?SmV7-@%Q?j_6MJ2-7OE7j%;zXLcVpTDg&6NA
zVv4aCF0O%ZrWnOxXW;peN1jC4Cr%MQH}2*Ltvk8d$BkMvX9x=I)6}R+5P2!A56zb-
z^K3B~-)P}ZRt}wz@x~bi52@-j4~6W^coa6x?VDv7fR!g-4Axr<7Y(m{aDoJhJ#-hI
zzo;gxuqO_oQ1qfP=L5tLJl;G1KH7IZlHA7%S};SrNeYB}cGsRNRN23JZ}{~#Y*8xf
zuJaFe&udzEq4d6szEhi{z^(l2U!JwuVJNBwG;>hDk;@rx6c4B1ruYl*Ri2HD&st9F
z-QdkG0Ko+B0s~nPUbTq|*!PAHkO0o0ELkB08=+iEOps0Fjv~g;esZ)(1#tT}(^~e<
z?D@+A&2z{yf}wdlUOD>PPOQU<a2M^YpVDuF1jp_O88d!eS(S;z+&15%jdq@wLA4rN
z7uV4~%5dO8ehuuK_<7!5OuMpF+0Ef49CP$F0aAnvdwn{8did6V*XzwOq%XNPP}<Q`
zItE9xFYD`%JwGM&atAZyOw15VWsdrmXcMjDM~%t^vG4%yP)RL3%K%|m_$5J)R9Dfu
zAqn%#BCL2<E~jv&{iLP)PU}odmk=WCG~|E!<KDmS?AY)K%USF~yeFap`?PF?BGF4c
z1CVG@4)Ugvq2G+v2WuH(fRX{l5i3=LZp>t+>88G71H*O!wG=+cEi;!bJWL|-%<?S_
zd79EH!=Ix)YH_?yf%}zYaA~!=Y%709E2xIXGhalwI3hFzqf;eQD4S1u5@rdVeHjGD
z2~j_$);;?mh6Fb6$BRywA^07l*^US1Fo3bQy*?$bNQnw@BTM#5kzBbJW*?TLaxJ;^
zCbKwC#oxEwHv6fs=cHA<%!&>P%5F#lmS1l;q)ah9bpxUTfjMmQvhyf%BpaD7LCbAk
z19FMrggD7&fU3rkP$Z#vp&v1;yakH&Nnn~+S!YR{SKV3Axaoq`@!(ng0uhB71mH`a
zD;}-0IY>mWwI;+RP$WX5!E7!38jP@O^*ZTBV)x6@{ICeuU-GSd31i=%;uMf|CecUk
zUp>U0vVq-~i>o003p>uV>2wB4CAEs!2n7JcHB?Q7r*kjBbJcXTsFWrINk($HAYOQ>
z)`LyGm>VH}(Tt_~2{|6>UQhkA9<br&N(sr1KDb=kDOJ=>VP??@ao=aOtJX{Cm{T{3
z*i+x5s4L?1t|MBw0cx|S^&5t0Qg5Y10)sE6pf1*vtB8<cL&TC2{6{oNmj|rU4)P^=
zd}SR)E!7p(<-ukGCs2o9F}c|JvB@?I-|f*sibLEchZR-B%O+W5{uG2(3Q$Q{>!tA+
z{>%Nu7|Y#~WDY-|CVA3ey_QX-<dOYi5|eqUpMQ%wL)O&}ert}!^8*AOy<<58`AIfj
z=LFqpO8SSVMc&Li@pu6tYe5Qp_Yt{hQ2s`F?pEwb1J|feriD3XZTy6nCyJMF5@k`t
zNTQ<5S|TOsimCcK8-};Y3!n@w=yu#XO|)22@ma=14mBj<%4p7Sz<p%d6-|s*k{F1g
z1?s(wBHzjL1d}9bHgTCGph-~iZ!SYfC)5PqVAiMUmx`&(E(R(ZFp}h7p|(kj$U!K#
zX-@)uO#fl;O^xwLt$o~VdcywYa8iSMLLb7J>GlzvxU@H>It&hYro~`ZXm?QKm6*Cl
zQ$d0sHqU$dl_HWF1?l^IbfzKHnPc67ZSCO{Qej^@GaA&wa}7<N^qZAs;-@=DCXy>E
zd7XKn^XH*OVD`*08LfHZv5wY#2OYb@X3&BM)Z+Y2?C9Ea>&$X2GK%$9`YfYm5H<7o
z=QRJ{Hv5&si^F9Ac=@xZqk()b&Ga$L?CajLn4{iKKA>*+habzG9%1~kTJ!L3WJLQK
zN9Zng9Qs8Jg=;alO4(AWLmP6TRFM0RzdK~yRhZaBK*j1YG*Cr_p$T;fs<NWxS;1v6
z#feh#o}eBNyl{a$$W=C$U<wUw)y_bB`?<{p6+H_v5;|N!Kw4W>8wNxjpK?n9nk++M
zZ_`&kLn|%fALP%Wid7LP!lNu&t+1TXfDugbb}&Q(KgL!1j98<E#}{MO(t}HDgnp23
zss80(>Rm}_zj~XW;2N4pOr9ZV&VT3w({rY0g{w*y0#THsmNCPLVLb%&5F5!E*V$4s
zI-q-s#Tx_|kza!^a~&`{@Yz#4j^VAWMY!VB=Fy=~q2_Y;xqR+`A805y1U<Pc;u1<L
zX7-z{x1Y{WUwl`h!wmi*pt-11AL{<YHW``9ObRVc#V;xs>pI79I%Tn!=?xkZYPJ=t
zlkit8QFM<=8HF+#t$eC~J^{wHm>v!gw8mjhJqZsm3ktA;k7+{j)Ev>!?88vW*Vi~a
zd@%!4a)+j%mZ7!`gz~Pm6H>WOT`y79S``%Ups<{K09pXZkXP1aW&9WhJ*!dpL%ZFr
zTBhcY?CDF5e&QQ^B{StlX}FU?k*@dv@^azdqUMa6w~nuhwFHF%WxYkm8X5#fM!G@B
z%wYhL)E%sKlF__~+#Hb=V>=e^4MjK=i!hVota@9x1vhie6?b$|r?OGsO4~lO_t8;V
zX1VO8xj*hdrtDFWFd=Mzi~*x-Ct=&Pa`kF2<H}v)4{JIM>#po!f_$r~q~cGz%Ir)G
z`{q!zl#ifs(v9G;_I<i>SGf>jQ-efiS_=R@k|!Xs0<<nztBc2}*p72|kHZ&l5(3JI
zv<=-ZVb87w{@**<NH6_fj6@g+J%pvg_@U=RIKxD(8=Ft`Atdiw+N?RB_3gL1q2wF%
z3cf`DNG#!6VZqqPgEoN$2pj#!JA=BkF1kJFtDV?`9^>D7xPI;2?hELshq+}X8@>bn
z#yk=-9R}aXccmguph@t^&*s+e|Fv&{(!tBx>7370s;zy1%!tbL&XN2lmzh1ox5Rs~
z`2Ed*A(Z}fUs=#m+yVU4E_<&5$1_rz6#lwmT<g-eQj)2R!1I>3y!RA`o#4Fk?}uIY
z1=F2(A=*<YLw=}OD0uE;fOK{Vmn)#h)!*WT`FA9J9MM#s&v#@~8`D=5tMi$Zxnw-F
zC5Yq1?P^tg6w~Gfk2~HYC2{f9k{W5Mc<f$6xU$}C7v{kl1wHT1+k&y<^8~^Uzu@#o
z(W)=}V(uUoHBCn9ZZc$Uc!|_z=k)HP_U7KOXuIzB|K99H`GO@m{tKaGV`k$7vTBP0
zv~}aYa)ObbS1l9?|FI}khQtn*w+7&deaW<*`vsOgl|+Anl`gLK4{}d}W49fw7rHM<
zQaUoRO1^~wi%l2`O(JK~qvxLRNZ^iHB<I!oQ=tVNxti*lN?b_dQfM5jTTjuVHNmS+
zPhrX=kTjBX#%XH)2cNUwi^U$JBV#$>?Z~UchYObGDZMm>aZv`v6pN*aUq0(z>+1PF
zcZc_OlSYT&T+(6LW?zlKd#cKvQG#Tp!K-FlnIO-c)wm9PuS;LqutF=xO9V{*_f;0i
zs8KSn6oz*~VS>sTj!@AhBe>d<-0GnEC3ojxbz#jls=TMa9@ZIC&CHvNuRN||T=lTa
zqlvqm^cxKYH=IDEp6Fv>T;+znyYAUhvGgx!Pl7+3;Z?_jWQ~V_yHekWCht1<h1hY@
z^4Lzvk_oM(NXexJ5#(wya^@CQf>5AR3L&8V;7I#dn#M{@+4H``Lw6hxvOwnOPShfD
zgu-;~rDc^bsHb_3W#KO`>lIf<lo95_y}mH5`{C7AY_7?u^U6gRFD8D1upZE(iUdrr
zCC@z&&fGPBjrFrM%<}{p`aU9arL>{}zYI;GKKhF%KA7gnaw%RO2xvGOh6eLow?Kf{
zw(oNBOFT!WiZXbtFOjZVMqKA|3lY!Mvh!sm-?0HXvKmr(p7F&PY4+cacLx+%tbJmn
zDj7J7m3>qL>tJicWXrd0cf!>t{zs2IQ@thC0}dO`AHm8(P{Ervq-jm(ho}*LvoPLU
z$GMm3q#9}*6Y>w*;{FhUNG00yNrix=1RQVQF{Qbs;;Eituf;hwL)SG{jW!6WCyqYK
z%J~}FR$h_Hh6SQX_UVi&djC-Of*OxZxL6*s3VvjK?YyGI0#H2xRHO->r!krS7CqG8
zDBnk0Blssvmb4;VHH#GsA~32*S9<wM<4^J$2%+hn#H;E1yz1c(1C?kkNX!BFm3<?$
zLtV%1u_K8w)GG^U>v@4Pwwb2X29RQT>YSvLB%I|{K-$gnx?Sg&P^X3XfEu?wKS^O!
zWo;!<Qz+1F^D2%2W4NUJyN3!0vd9GnkH#k60vp4ud~u8ugHk4myClXS7^$VZ!$LpY
zUFpkY`8Ft<RDaS;C{+Ih6idMJ18$!3t$`8z@B4SKEIT)5f+kI{jYeQ2$gK*7F2Pce
z>P`J9sh~R>w0N<UJ`(HlEh6T^rOeFxhhSqiW1a9R@NMl|AIoXCI<)u^h&Fo}T`41l
zAf<o`sQ3nNFcMGMpz&{T@IcgLS4qKI=#O$fF;qDCo;9x5P&GkBMo9oDwph_@tzTE$
za+4(UHFva?6OC4FE#tA4+(V%vjIuA_&&%cT%OuzRaGCN}-ypxg#>(Cy6W5L&qhBYF
zA-#jaP7c#iZ+A{_d-_f+2>wI$*gZ$_FCL~iWg0sDMnU7)wd3h^e{mafT2EPSFe_#A
zZ|0D+@Cr0;;K&lm1wQ~g7f&$;iI``#9RbCg8}T4fxOE}Z+ru^&DZZbpTcmv_M9B8)
z;0^^D)=%>#80IAXelgI7wHgmlKUl-}LAzgw!Yqcej+o0BLqEcGn$r&3Y0ao@9?~Kb
zUgq$~MD5Qkp0!!<3s=vTiO}rLx<z`a3jg97W4XdGV}c}ra*PAs-qW{4bV|g>3GjI0
zv}qGC#*d1?%^=4N5;AV^g?j=n!g@5vCVO{Idsr27W$<XVc-!&QujO~FS^b5<A+-7&
zwdF<Vy@(#OztD%(6E#M+CXQ)P&V~|6<soef{FCZtmH->@i#?mS{PqTyV=+<>1-VlN
z$mp65Et1kccOt;8*fEGsoib9*uKc2LUv<iDUQ=02Q~p2vgR#f4zLJAj`Iq;Xh9h_3
zj8`w@B*&9sQ(&<a%`)?;@N0DRE>3fKXL%7klAS~$Z7DS<`-oC?WjqKy&1d5PJs2&h
z-J!XhPBoLi&<K6g^mi9-u}Ttw`v5W|2!ws)z0kJw3IHKCE@ULAu*cCNQ<@MoS#bik
z<{7pLoeCX~8KXuty|i$9z5*qk3Pol>XrBL(qV>0H??&s<0#$Q&Y35v9gkQWDqnVZ$
z)<M@<wK_gOQC*M>X{^}sg&E%Q2>NZ4Cs)`N>sL>OkL&P5+0T-XK(dSB#z=y0wvP*b
z;%v$gYXO{<3})Y%HfUDVOex*OHLc_tk6z}uQFOqYZ9|DR8N{gLdp1{DY4T6xL3Bl^
zGk_Id0}fnJ%XwYb8kCd?<^KQ>N^;uRmp=(4b?C&IiNE*<_8&&N2ctRD=g?`(bGrKb
z92d#>hv)-Io6~$}@{5;3)D0)2h}$m4bJ^ln0QSf-fwRkpuN`Oks;CBs28h#t0SHoZ
zbJ2Vo`fo|Wl~#d`=#m-&VvX2Iaf~cG-^x6)@i?xI+bc`(qUE83p3uXxa_3~A%F_bl
z=ky>imPPAuj=25zf_~^ajNX;+&r!gb>7^2rap>AWtB?Cv@Ap(?X!;>S+vU|85eoyn
zia|AGZ<M69kr#a;L3ndl-eiGsJxw^&!SPT}_#oPh=$%$&{%@My356EWfpL<~tD`v?
z7^ZVQ&RpgyC)piTSB;Xii*VeHD<4p<7NmD7{m#V%Z<6Utr(?Xmo9ig0xah=z5mmPS
zB{(i*(FRqe5WYuHAdi8bIivEhWtD*9{FH;7>a*6xH<}pg6Y3*^MRZ8iTL-WtJXV{!
zlZrLF3V+BA_`+{fdROQmO3&J+1Lv<qg9f{CuKx7Goqc!yK?r3NqUiTz(Y88EJOvX&
zzKo+W^iVceN><G&qGL*iT_yo~OMK~ObXF%IllHI?I)2^4w6YaEX|O5631NVPU>%s#
z(C@#(NT{>iW$S34;k9El7_C0iJONodoVDd3-f+aI%UYGcts2(`1q;6z2z9|3qqYYf
z1AP4g2>0VJ27-*>`HO*YWFayj+fv!F`|N#2?*4T7bbl-LxV|>{3mT4q87nIBg+R2t
zk&kZ^8jyV<5as_O5P$%{=xz9(f1t4D=3gd>WU)7`ID~{;>k*(NnW)%b;+9UmUos~K
z%HtTW`6U<<zuK*)THVz-gUNLFcy~FWfU_vtDaBZ5;z|aohNNXHHsHc5SdvkE60q01
z+*TR3YsDg&CF{#f7L6TSS`q4r;;@5hFEcv(qMVISL0&6;Sj|;{Gqr$A(_9FF-2mbI
z^L&N}FEznjG_vOg(&WWsAWDfS8(HP;w#5sQC?_Hh=r5)Gzi$uy80)px4E7ZQFdysz
zM|E1ij1k>0>sa|U_u{f2s}e^DAqlkB_wm-NUX2JI{sVw8R{8=Urr*z_?zya9Uf<8&
zB;d>bU?hET0H}Q|Mb&Z)+UAYQOhL)Q5bLJ>T7!tfG~Z-f2Ob_?#asQap3a=9C7`sZ
z`VROcB5Vi(3AFN1p4!U{qM<#Q{QZ`O_jZ17QpzRadp3G<{Qc6}d)!}kml4este1Y_
z%!k+4S=Zv#5bJU;Hy{fGpi41Pzh}SS{?slhuaZ0t1I+LC?7RE9*k954Y{e{R2e-Ao
zVs$S$iphIgasA!f96n8`*>@yz|KcCa`*lhvYAVY+&Xon=9W&N<;GA>2(Z{7u)H)m?
zdtBl@Ic-A*%RG339)rw3)jvg)2e<1eFtDQksBqh?EuD|~Izb=qjhX86$#Sm4PWcb6
z!HztP03KZOih~%IzhLhkg?maWF`sWJwvX&qr8`2XsNU5TXOS$+{7~$cDa7$?YaS8T
zHCmv@`O>8h7hwc!$I0>sPegMExnKN)qCQ$s$><V^*UrEA!wZuFK6d~AUQ++FqW&+S
z`D>e<=U>M#pi!O!C^v96j|`LtXqIP<&&v8Gu~3B*6og|Eb98VucW`wf{?|HO6%Ke+
zjs<kcGo)hu2Z8>-WBzeA`M2z=*MGgo|80+o?f=u>zaC}(GnS3*pT4Qs{_!pUzuNuR
zG39^7a{Utv%qqkL<!)>!R00Femr)V^!*!^_vHqhE`MUha9ov80v2g)0%Sqt%iN6Nq
z=HN=q!VEMk=R@cG??L?M2WH_00xF0hxZqg0fb-Q1K-f+MU_=Eb(5?a%?cWjqGpaB1
zbX8VPI95*Jw@MK(Hr9Wt0Hv$(!M-vSK!qd_u@Vs&S-}T1szikRuQ>ewZWE3Df57Aa
z-Ohi$FH%hkJgg-B?_eNll{DB_M^!akpj<%Ec0AzUnlUIz5j6=J(Z;D-Wl&IN;J5l}
z;7mOZC?}Aqh7gRC4Vd4g2vl!C{hCty21Y1pZ8cFDoyPnIOi(apV&GmgCUCY98#v#J
zlh_mh#>oz3t|9p6lHa5Q%9U8d2*%0rPtjL%c}-%#_!>OmYZE4vl7g(dtSk_-xdG_e
zjNZ7_{1Xi9>y+l-x}0Bi#Tr}NmO#P26gmGEas5*Syy_qT%2&VxJ>Lm|teumn99;iQ
z&DYQBKfi5`Mx?Gz=>HrJaCUGQm@;Gygc_bg<M?-C{zoJ?5V?yTz{SqPEhzY(KKDPf
zvVU5CSJUcziY4)O4ATjbM6Zk3(5b%v-mD{)rIH{*2`Q0&%o7|;E(|s<3r21X7tcJ)
z2DASiIx9?vs;PP@w&l@Rm$zC0`?|dc^C8P`hv(YO&j<V6sPV~Q@MCNC>t%xK{u>4>
ziesFNo|f7ekf1BSG;g(e?=uoHJcTpbHN73`3XqY+AdqB^00FKUCF&1HYrkEjr<LD~
zWHNig8IPJ&Z~xX{pIw|j|A2(Ya)^mgh(U&jRmf`hIc-R016Q-`Axb|bNJ7Cv6Sx<6
zm-?Y>CU2*%?7H7mSJqb)oNjtP;|dQa6UmSF3HZDQT(AHAJfeabuy<*CPQl5ouJ4&~
z-rR4cx{%&VZ=&<`n3xwR5Kdh(^&TF5hP*^}M}&2QcR_v*zln~%)9JQ&+VBw6d!FC&
zyneIBCNgN^HX2`OGRGVLaSFFGq48~sJbZn~&xGL?X;0Qix=W6Lcm>r3hHGD7AUjR&
zC(1nxKxyB1pO_{0h7=2BdkD*fWKYbF0t>Y#n5{nThO7luF8p#x)dadedQIknR1>8$
zB6*0&1anW+NBDx`3Dp*csGn*rn9Nv;8<h<PR0REZ1niI(Y2?qKHDP(mZE{Xjwea#G
zl7Sp$^e|ZHf!v=_FvM*`>?XYZq+8Brx1%CM05Z)f?l5Q2-&c*T^|fmW?lSH>KYVzo
z#<k7Rn*$Todgle368_qD-Tx^?Cr9T&ho_8{|B=IfGqUM;veU-md3;d9HQHP5b6-hw
zrM8o;V<YrSaHM}*<ed4B=8bNU9`x0)wRdT;;+yGf*y6dT-nO6t+chtM003<`dF|oq
z2AFc;KmR%Fyk?z+z9Vz-Fdi+#mSr)OOOkv0=hDBGZs)J)E=3z@8`2|CDlh=k>zTQ+
zswyD}tESgL1?3gxG)=b)1C8)o@}<c2_`>^=59&j+vLB5EqQq-rmx-|u!EAs<gQbW{
z6$z5`3$a0#r?Oa7UILy%7^I$bzn65O7huMW68bytmBfmr*qmp$z93>~hRio#9Tuxn
zV>-82GjkRAyjgXrE3^V)*>2sGqf9ZmU1zq#Oe&^@tbAkIN3p)*=`gZkZ+Dm+Rc&4-
zm9#Cn0c<s>ZW&#e6EEP9R(Mm=h(^v8P%JLn%8WoTc5=*zaRMa)d#PBP7*!gh9H2rH
z9t6=<sP!bE#0^UO(r3fjVs+lk58pvu;Bc5E_ctIoK1B0wj`g73Cxv#C4?kDWCST8G
zSW+2s>L?@Dj~jL7_eZ!zi&v@y2<*3_5}E<_b>W(Xbr5dbe54~exL5>Y<nN<F*Zsd*
zbG}D89NkgH(Ss6B)h!eK2+g<oBL<LG@c601$(qeqM5}JaHD6ehWTDn!XOEO~Kxc!p
zReNG(@7R(9Q7V$###ca6!PsKuar&|!8F&V_v6q@5>+%LGWz}j2Vvm-Gh4xzD*v2H%
z+n_JX*VUHw9lLE6^(W;wp%k11ytH=sxgJ%uMilo=5ticWscELgCu>inUSUAX-<0Pc
zQgz#JCt!#%g~er-DXWcmJs}i34f#1d0}_j=48maSzlZg#kS_tRgm5H|<H#or#$E^>
zClg=~oTMKf4!lHqzq0A0d2-#6ePln^03SWOy<ni%NR3ik_Wj|gU*}%t>BOMa4d!sL
zUeFZxbNo0=Od2TxqJnivIGF&q_B;>_8*6wQRF%?YiiO;HdTv6`n>j4mMp80UYtE75
z$Pk?xIi@9qg&ShX<NgC%!&S{3{K4-VqwgEj0|%yYDACwl;FQjZGUh)r=poHOA`B9b
zb&pK>Ayxu861)XkE)jLW=D6_)1AN%QUqxnSKXMH*i&7k&w{e@HZu9~EosZI`qv>Og
zpiPB)HQ4c?E{wTKg4+yMvCO02-8WIhRG4Mwr@jtLKdoRW1#+*Hv%(76lr<C`7AD}>
zxvblwf1rf4YSAci_eboA@Nq*cu0KutJo`h$f$R|%FL_dim3W80SSQJ3#wjVa;$egZ
z7v^JdQ){)+T89ChSQY_8_FYTcpEpyI>;}8LF(WSy8(w48-73uK0eL{rm2nfnkeRKr
zbmRK)u@V)~ac(w%(^R2`I^4!sImM)(wWEJhPN?(2NzJ?vH`)=N24Xf(3$q)up?jSl
zzJ>IdNvdKHA$d{%HNz^?ua1RV#GkM|F@F1g&ZAV}%dy)~>=gjC1f|C4^jexu3Chi)
zf_!`z;HJ6}|LyX0Q{7@9RgOR<2q{PgO55w8*!DcM86Bvvd?>7y=^BTHjX>oqk37D~
zpvn<h4ZuF>6enlRkHn;q$Lj3zPzXV<O5hij_)ov*r6&9JCY%X5>e&MNppH}vzq|vT
z8LWqBc(jH^Ok99W`CfxG3akmdDm`k<I9ER*p5mWB{i&;&10FH`rXgD1dF8;zS!2$7
z@b_?hvDfLlIH_x^lkazg-IDMfRxrCJHq!d^bOv%-A~K{jZ_2c~)g|*LI7&A7E-vSw
zh}q1HHkD1TJo;iseIDF}kEC}271a8z%b~$uwjHi?lvIF45rxp%`jhJV1|sD8`;vZo
zwsy5t&4M1$LGp^1q4ifEpsWftvs|S5uzw9_>T)Z&?qKW)x&0%mpHjK&l?;jMv$}j3
zT9uQ8e+^49Buqk%sy9tC;}7}vxX)ZNiavJ6ZB`0Hrj(jt-5j<S^X?u4xk22|$&^-=
z3}lSE7+OG<5(Ab^p@B|;r|_T^ci5|_8ZE;s3e%95`b5=K1?`*5>fVO;A`9yE0N<9~
zA5JO73RVps**pliY<{Nsw6s)^lSc;w-Cvn;zNb_KFphFGav%xs{^2;+m-*R)5rOPY
zO=;{H2WK}C1YPhV2^|xX_U8KbEz76lF#+C|=sJL>R(Morwi0<&#IrvF3T_{%_=Bk$
z>qX)l)9>rkHlgHf_Y~ek(0|7zM%3>jCeq3`r3;bE!awSD=g!*WgWvqhK5MR{^PZ<-
zIy!gJxarOitfLuYD%Yj764IH2f#S4ks*At?u%c5n#J@*kl7J}zA$m!d`Gn_lPW>O4
z+uMM@tT3_QhM?TV)txb+ph;Ic#`A}IUaWSiS(cO>jaSBJc<Dh~&%_E?WskJ|0m~}J
z^Cq4t3s5q#n$=p1-wNRm&PK?zW?VIM9Z`$0DTj;A$wB?<impOY+&@ISE4oYHj5?Da
zkD0sJr&{EL6tI4%^;Ai_<c0>^pxq6yOvD2KW>G4@5HEp&Hq{MiNXQ^4`a}g%8)fah
zIfs&Y5m(sCy<S}0sE0NBmJ58Ni|Q(+u-zvT`RqnL%+tzARvX3n8>%KfdHq=$RgiCZ
z<J2gHiL!_FG6@aT!r$Vo1W1CF=Dk(VFjmZ}zs1~@J(hNVb9GH#S%&rU=CLi)d(;Nl
zdhfNP{l)nhP0Gb<(Rgpf`cbW@Q{ZQ{*?y(sJkKVuy`zo#c({}7SSa7aJK7>to~-R?
z&f<)tN1hZv&0_(H0ve)|P@NVQ`O_s&MmtdrOx{P?z{+ZI(c*w1pLZEb;<M8U?d<3@
z>6PA>^6&UUrR#dTjldXmsEG@-54<4YfMaW#i~Y=gD8-%iGl1(P`aY~Fxx@kWrM<xk
zq1rU5m!3zlf_=pd7Q^1U*x5f;K{i@o1DyjT!uEMjokVQkG)+GDcynvy9C2qDKSjA(
z8&X>sfqVkO^MVy)Ru>U{_yfe>M6isWJ&Ses5=y!(_JTD1(I{sLBbUh_^8F{^-blth
zpaTTsMnodNo&meJSxr=<JSI}s@g&&q08;{Q@m_?884GiH?=@lg4QYH@gf|)V29bDH
zeFG8lCb#Pj{gt22ATVR9jh3+!k-5v}O>TC#Yu0(6_07R$ST$W1>}04aQIO=JpwCky
zsED`xBYYThE{gN5gIq_oqLL0!mE4}eA0tx6X&v1syvm{Fo?9OEgmF<gSKwQYD;1ci
zT4YR2a9k&6*w@^X6M4T1fiw(#KcVK8r6VGtqDw_2Dp$uVRemtu@YCAPf;CUfRL47{
zJ?Y8DkcwdEzEv(r%?TpK7~7R&G%Y4ZMAalIjB6uQ^LAH7_N}ZBssR$<X2e(tXWqe3
z+eQyaMzzPX5zDDkzK;)mE8mC|vOsqD^OH|{7hI-;Ri_Z_2lLSw6n#>vrcT`hMWUzx
za)-!jXRB<C$Ne8Hv!ID1C9O2=I%_<BJ4!MUS!=UzUhrP`IsGyz9Z)V&v5u0H6zYW?
z!mvfclyZ@A>NMu%r!?sR34R$3$$DO`r6i5W^Okn*UX>_Q4|$UUJP~WJ#r$t`o&4ej
z%_;$rRW}4Z5Hl=l^LJe)Vt&ptAvZKW_k8SZTIFg1^mb&84TH<3xEoXQUHz|SFeN_I
zp;3~8`xUMM3u_3yu70kRR525)X91{lze=JD2j*32e^9@>jNyj@e(&-*O^jf>JQKn^
z%AgW7o%1gH_4G)RRG_d+X<mWoS`R&KHm*$eHn>+&y0ZxB+Ao9WG}QNA?qD@=p0RHY
zL{K453!;U!tv@LK2x3&LwJuGkmVM4^`y+Fe_7Op3QnLpUUT<E7KC`wE-DDTTN+rkr
zje{8Oh)%9S&Tfejz=iMShLa;qqmijk$rVWw!QNHyy_!-<<ys97ft;AZIhR`%Etfvg
z1arDCgkm{9BNOTbB7s`4i>Bw<;ZuV9xBz7{KV*111ajG{C+6%KR}s9@B7S-*RIc4`
zQxt6rq<iR)?F$mR-9Ek?j?4oy_Df{x(9?tc(~Ox?A-AarsD64>goVX;g&4X3Iky_}
z?Z9bJa!=)KhCi#Ie~i&O83%OVX5>`~mJr~t?bva@Bv3o3hb`a`Lcc_gF*U#+@>Ut%
z(>zwW-s<2}nWq8U6X70f+1XM9+Y3v%DahGbp1BJJO^5V9JGLCA6_`}wWZJL%RBnU#
zql@Ui7R2}f?J4NFh|G-44ryB5_(3T!G)>lPm#Gs=T4;scB;bgW+|;TYJ4XB%>#N|C
zv*Vg{^kkx`K;;#We18KY{%(nF5;1<MzNB$)e0zk#aDEf>3uEReyUo2n>>MGbL>>x5
zabSiiy!}y>PPBL7`bl*d9m$(&>7#n36LNAU_;C*4I1f^*otRFpBtA-QA7kF%;PM4G
z3+!@+-^XX~AwNhoYx0L}C?dT#{&%|9625TBE<2}j@dL{WlX^d_n4V(E_UP~+&d4zX
z<-~R0aH3ytjw+cV>qBtAHAmDFUUwoVbMWles09P&r{irbS>X5ZYIa7*=Dq##xff7;
zd79Y(mD;}9p{rw4x{;xOj>?_}F%9~l31kuB_%LwJ5mpwYodB3cem<^{XjBj<uzF(*
zJ_{Sph<f15EW>o8;$7J<aqgOQE!g<P<Ds8;+Jh2TR#2Rff1@%|^_<X=+I(EzZ7)E5
zcM-NgUOw4g+eb0;C#fnou|ar;YQ8;`wn*s#ZtQg+=EQetH*+qMQJG?u<Pi`bl>}gr
zz(4QeDX;(D7=oAu?Y*W_DbDM6ThcOty(Vj9{X&RaY4jT|+3#S8+8(Oek1VclZ1|3<
z&qy6Zr<!D(``y4`nMk>FXP9n9ND=2a7q>uLsy5~i*e{ahOpG6vx|@1-B`ar#A-kxE
zfa|{TCA!k@^N6!wYeu3_YfkUD;wR%08nHJW*+y1Qi*AzxFTDbL)sD;xjZ|x!ezhBC
z5y!{nqbJ*4PHvLRXnXFJ)&@V+5?NeM?U^m!pnN1=eW8adAFXfV#nR0k;{9m^dZAo4
zMnAO-1S<a$$>Ud5TC(jS#BDYQ$U>?50wPJq$D-)M#|O>bZY_=}7@I{r211-+$7xtS
z6*+}?WN1bq*~^vvNX;v?^tfS4kddI?A5LU0BkludN*XNYU~9get!G8Gz3?mP2f`+S
z*~;l=*9(jmtOOv<**jF&mUFcRH0FtDP}rBKtdx<pa-2up5#;sS%OLaA-E!~K13YX`
zDp}JzmEiAp;jfZkTmF{lIIEZUq3N6;$If4|<cB>&ZNJLgRPf7p_IWWwJnv1(vblWu
zBnKU-;k|xY>==AM_hL8xGzRUGFMr5y_#+?3?pLKy<kHN0!FOU{dW5=X1(BkzQKE~5
zq+FEF8=tCOHnKxkj{Xs2{>xub4S?RD5bi_M>=L@A5Ml^dZ07-~Y0(zM!H=-$yd-&~
z(<bto6nLVE0dwy;mwz;%eIsz9a2;+7bEd7|i6d1kA};vlMOfQsLCs0yY=l2*W0o+z
z{-&Jj$_%dmyHDew?Av{ouA$XMs2X%E{hf>;9w{0@EW8Gz@+Lo{fw$4xU%>bcwAdn{
zU_WC1fc(|OB<nh5fO-oN!|kqgT`b0FWD}&np}<OxH1*>V!f-6X#-5xNS3?qhW*QE<
ze!BY3ckT7L`0uzee7$kSmol1AkHOlPLcU1Fz49L4$J&0&%TW?qkeg4Mn@~Zb97o19
ziOI=0)v;`yQp2ExNrg$45CI?!jP!H)nq0a8@9*^)#A;p!tl^~|F9h2ScGnWz>r(O3
zoCV5?6sNl;^H|Ag*>ED-Efnyx<fj+o7e4|YR+Rv61HUQve__w`_%tEw6*1+UwE5iy
zQx_@BVW^;KokjAI`?zBKg3}*~{rp(FH567lV%93&$wW!IasbZqR|B*yTL?QR$VcjZ
zfnfM9`-e2LA?#|AbZG;`HPY3I8BX)E@|aW-t`r6r=Zxj$=q+4Y+mK4uVTN5&oPYV8
zoH8f6`1=E)F2cGPwwl{dCAjf%e?!7~IAQL~4i!|&P;B+#c1zOELn(56EsQYD;}_<!
zC0(SaD-eclGLv$A>;cwTy4r>a^@xi`9qID(M9ZeROZ{Pt7+Dcd#}yB>zDPS|b94cb
zGh@mV5TvltoIuc5>B)H)D^&h5+p-|Fe0}{>1&$UWsUr2%5@!6Opy+5<YhEvWg(DW*
zGP_^S+ODCQ!Qae(`_!)#HR~IsEqnwQjwc-%DaJPX$m_k~i~uHH?Q#BA#tH0O(;=Xt
z@|3Zbo@^JZU_!c62Mwvz`+1Xcfm-hB5_;1%^HhRw<?RL4I~=j;axF3z<n&y*IH*|N
zAKUIhjd?A(x5_E|4lE%<S$`Kj^<$!c*?NfVs{$a@)0K#{r@PKi!n3E^wL-1)UN;%F
zv&EVSYLqc7m;kVs^@s(?31SM_b5u{a?Ygw#Lt{O19(`as*8J>ONp39`bTc)}PD_mO
zAzeqng7Ql$TB{J}e3SFJT?(n2Gexf)7I(zi4v~tA&obGk3h}%%CzU{7e|TQtk-+6I
z)l5`@%f72dr$;VI9E?xrMInRJaPR$DMuhJAjr0>vl?f2G><I=y$?UN}{s^B~AjAk6
zN8Y&NjWYP<wvw^%9!#C9+F2?m;B@<EQrm&hb8zC-HU?4SLVBir;_LZRMbxI4ELOCy
zIblC<!m92F3VBm=Rq~tsMV0k6oci6nEihG5IUsSX&vjPrEDAUu7};nl`MocQY8uEt
zzfSrk7zzM0<x}N^QF+H!bhGj%JIzQn1p1>az}ftDWzh8-)5#an#ZgF3vNUURB7QTL
z7Ld5aBDxISly#R;RUetjFctDULf`&&iGjI<^%g#3>yNPmuQ$24R)Jua+@Jh8SIjWp
zxRG!7AuB{qseVU3hXO;dPR9$sQciYKVF-FesyG1S^P7Y_fChA~KR_tQPhK2%yzbj<
z;z#`}@Y*w!UB&CC=bi3(@7<T`$Q-&-NTeW3sP;){(bs+ouU)g*n9gp{&F5jl&Am8C
z-@UQUwdHKfmLHFY9VXf35A~<CR(W(1hY_#^OXAMs4PPd0?2a3stdYndnBCF(0+qMk
zPssps#wNNi`osIEb#!$X10>t3&7FoIt|UKVaz{+j>h1%X#Q9d-dUiBWxCyV`vLM8n
zy$ejLjhKQ@EC)3cha3^~L9$oMY5#Dc60>=L)mFh6Jg=9x9j+QXwwUdq2ZoSo;Mba^
zRG-b2-U1vUPp@H?5~nC&29y=<#RVnT4iDfR-XtJ@<Ntfi>|ji!X*Ac2JMsV_o`E?L
zoba~oGJpK3k2C><Xt!i-+l8F&CX3tifV)a(%)%FG-Htm5c2{zER7!kxh>Lw$lZ$hB
zSrQht;qBY!;5XW8>s}E=v(4X3=K70-?tddJoQ13}yWwgUjz#%C#L$2P5J)_G$prwU
zAd$*xZ0_K*yC&gtvneeL$sq`DD0sefD!s6^UaDH_pBy|ch>9JEgpQ4Aloog%>YY*Z
ziDUCu%iq?-SaRP-0{J@D0L+_h9y*E!gLFBFmv_ht(g;yy7;boX_LGOFAakG_EjmBt
zVGIxfR%C;x$96yQR`aKORBrpjvb6xAGmuvN!j5iJpI(Y_hV~0D;RUMO9r!Gl^~mT~
zW8VS{`>uy)&uW$p9qoFBgnM%!UIi>Y3hcMSEb(l4Uxhv@E-gVu!M`?}Cou;DN`KRK
zXP8@e&FY<ro^xqj({Dj+gEua&j$B3k!pH4;^tVTAYO)woAAEgf!O!`YK2Z%2A^Ge8
z6SL7&G1e)^<<cjkqp^1}Hja8)h9qXIge0mp{&0c0`ewq#QrYG)Z>riYM{+-B6caHl
z8q9~FceIN=Tb?RhyW(Z?Thh9Pj_tYP?>(eM{Sg-8GzK-8MYV)?PHMGK3T6U2%pWUl
zrt;IV%LzJ$t4jxd*fWv#D#|4Qny#Ho0p`&{g+XoyB0loaODIes*kS*K+k-m+RCf&M
zlM_wsM}j5y(<cKOSXg9uuPNZ5cl56#!md=@dbJfV7g1=mo(Re9Y`LaFggCzFr!7Ts
zMEv9+2WQ`IKYkTsnXyMdSPlHrR^AO1vxoMxU03$&{by12boSj$Lz*36=ywjG#_KL}
zM$rl?D3Spe(x)O?@n2iMV@B)6(hbx%9nD9jx<6E$?7Je!PV5Za2manD1tViDHIVbA
zTYO+M6bSw<d9795_PZujMW8-Gp;D;>+EyLJRIz-nXj~d1)YL{t6&j#`f#1v*<OI(I
zj^xf}L<VlxVw~@o_PbXAY6Y7G{*pZ}+56%$3zrwMsA5e%Gw&6_8oLf%S!`7+IBuev
zk(ecS*+vEqKdm!+70)hr{FoM%*YxbY?;a;C`8er;$B2W$In0QhY2%2(dSyHcY)s|y
zgd6QiLFaAl8~&TUa6od=aBtP-sP7%9gD<HNM1q5XUVJ;f<d)0;=CG?Ri?8R6US0MM
zb=vv+kIFBLVZC4RWJUxyx-8xYB9Ap9S^uF12A}8Ob1`)g1yQ}{3K95>4*s9QzB;U`
z?ps$vDV1(S8YFkaCZ)SWq>+#Y38gpPAR*l;UD6?qv^3J)-3=Fi_nvdUPtWt*_1AjF
z9%HOA-ZkcW)?RbWcd~4%mr~Kl;8A}pRyeG?9~yVX9@N#b)oi>wh#c$nHR0iIjsS*@
zA~JCN72{y#AufzX%u4kUVi%(?)t6r8SP=y-K?*DpKNCU&BX~wk;J%+H$1<+H{ia{-
zHXbER$7rwSK@(gcGh(Z+X>v&$y^ucH&1+Zsr}96m`}~Ym3pMpai3hWTYG-J>+^5py
zyJokaYjFg^4y9CeS{6741q=}k{$~ucE;kib>lFto^8Jr$PzJu9{(#WG2?`2RFU@Oo
z$<JB#LM#)r6BA#f2G9zjDgq-fR&LiUbk5tN`Z*uD)$ezu;7FRdCIK+9cO{yyH+;TV
zpH!=d@HDiA3ZyUxBX?85<t;QmNExCx%j(<rq|Xx5I6<|IL}k;E)m2wXb+4mY<h|S#
ztohuwRbMa8B=(8deB-|~Y@@2ml%bPZ9?*Y|iU{8r*gzVf{1r5=_`K<9t3w;zlv7l2
zxkTJ!1X)4Zi@w#btX(q(ZQ6bBwKim9kQ&vjcW(S*^~19sR%_d&phX1u5|BX$A3=5F
z3t+HMM%k%2ubD4y_yMsxrHGNMFA!m)FH{-a-Cxi*Nb*?ua|IR;zg;`54`9fr6xKYY
z^hR7~xX*t>a<fu35$YhhI}OnmC^&uGcN^1R6Kb(Uqx9i*MF%-9xfU))IIa5I>Wqo6
z;02*phZ$vgr#o7L*L&kX2QNIn6jBlEztDQLONA6WHq3<M@S%zO8)0Jnhacybnv0hx
zTDAk~)=(@KsYIFIoyG!hHCicHJ?`iY*M0Eb<MW(GG4S;#pF9z~c}eTcfr#o}=J|h9
z%u$#t%t+8E=*nwkI4Cw0<6&w#cZDHVhzyA!YHej65Bi@O`G3sm!v8a;3x$C||D4l(
zi>9J7G5(#luW>?R6rh6&0gHu7S*UwS(cryS$zqlbAVY;HsggL0Z>9ePoaBq463~9M
z7Xv=D@$=UQCaCMM9?BmzxqW-iv7a0-Xx!K1vaNfs!A{(lRNh<NWWDe00iqDYKt&$s
zSE{qLJAffhe}XSRAiLiH?%cdlcRKG6uVtt?U>TSps9jx;NJ(LziQkYN7w@-hD&hzv
zfC$iuYAz;Zjx|;dfNob$ue;a|r(xC)E4Ev;df~^676GY%i+)u9h1~u`8U`6^fp%1X
zQ7a7Wuz-)V53dkp&=z_Sjjh-97Dj;=r(_#)RU_gyZ?FA+{sn<3+?{CAoVd30p;5nW
z*fLD9HzQWs;2nxur=?98w!I{}?X!>58{ap3RTJO%JNh~M`f{k(bU7a}rm|Nh!_99k
zdfVZ4QR^6M2n(oZ27{8-LvJ<Ss@z-Us8`rq_*=qen3V|$Qcg-EOdLI4M>(!cx;<eD
zf<=h*oxJ!jFIQjpXWZmvk6QFZlxM{#+U2f}VwzE|iu8X~Q+la9@P%+ys8%WG3#pM@
zXr|Ao<CdG0jN9wbEHTBZQIjpcExVpLJjLx?;HYy@rc7?x7Y_|FJaJMbB}`POwmAJ>
z{}-Hb?`;M>I8R_Z_*3XSCe~MI#-w(>$v@W+<?{aG&;36g&0S6e5Yj#;m4)O3>+Xw3
z>RrT@XdA_JNKS`xZ!_0J=6IYJ8fW+Q4c;%i5AhDg05dxaNivr#YEkjUqhzAKm+gnm
zLeF-7{m7}<bRA&;cUojmy4wx7{@`l+z`r~YstcTpM*t%co?rBGeE6i0nn;r1^e}t`
zd#1rK2oIltG!(Bii=1Vp5^8FjN9WUN?pTY1HauL>=i`HUI`ITjMUIXmX7)+N5F(*h
zXXTILhS%p4p0{E{cgwPa+helpJI@m8BDj(1B{il#gmMw0+x&K9*xok(N@=KwXr|=5
zs2yEx#}_LVldzBoR3Rd_z0QFxyId5+*n4Qlen3%xn5KFXW%tH7)`nkD%PDTS^t{d#
zk0z`0LJ+LOrNkIYbbus<#OvWr@k_X(RLH>AGC_v9<w<+AAkW#5Bc4tmW1EzIVkdGr
zjhL7JW>QgF3zE3O`y_UmVXPK)ZS)4yIE?QAtZU4P4X3PX8Ycily3~OpSsOZna7Q^i
zs`Taw?U$rf9cJgvruiL&<A=7u4mLd860_Obd!Ng5X?8inWz6J$Miaub#b&fMpxalJ
z23}qmYve*;O^UZdT;EAXRpGd!+KHyPjKPMn9rk`@Z~Mxb2>neVftF%Rlgg8WXH8$)
z)}q)-(LdigFvodxbCfibh{?JmLPaB4b@wLft44AV@4!Yur$xj9vyHb>8P7~KydP<F
zow+FVc)n0UC*Qp4IZ8-SaVq4_6%IGeK18MPVH66tIoI`XjPT2@5ek@)HL@Rw-Jk+Q
zkH_^fvOMNvM&VB?Ss150FwqK(p`9o)znv%vRS(j7YyRXjngK5+UF^U<g7>3RgUcJy
zXZd;s!@W_Uayu}%Lx=rtI)<7EOvK?CeFA(f;Ed_z&w0x$)$aSDJcO)$yoYdQOJBx7
z%t=T{Orwxn?Uy9ROQ!TUwTh-%SjMPr9FpZJE#jzc$|r!E<v>pg0gV%xbuZ%CERw$3
zjc$v8oX<sDbIvcy^lp|&5h39LeJv(e_`GZ2d!{$KWnI`7XSO9)?3GFN?fO^Z(#8CD
zi))ol()J5Rs)K?J;tUHiJIcAc!MFxs*91?VhOY-Sl+9`~A-qLuyFMgOUw1A{qZIhc
z^$n7isMshQ9Y}SHZlqhVJY%?Q^3q3=c~>9r8VA96S|-UKT)hPvMF<r<LFVFr)ZQm=
zguV7f4`n>1JMrX@wO8ourylGL-y7cu^k>a@R7?=;3<IcGG=3&m@~YskB#)1&*(u%l
zXfZ%;Eo{_{F|Q5cJG;^h2Y2!XutrmwZmp+QL(0rAG*Be|4f~6zgorrxh&iUsw%eGM
z>JvIk+%t2N4DQM#D#Yk>FO!H>thA}b=bz1AJCO2Z7)}QttppUQF`4yzTlp{+$=0vr
zL~<mUYMorIJ}>V%E>9x2aNpTY;#4;k>epm*)Hf~XUMze$EhiKdMpqh7bfODue%aIi
zjIR8>-g<l)&HD@Vxka;K0?7odLMY=z?ml6qzndHL;S87K`ZWUliTmBTFHA}(0miH)
zwI2PRSb}Al&~z*}h|eZ}b?P)q6Nc0EqZgEqMt#plOC}#8CnF~>-$To|JJnD;Y(7Jv
z*|bXSpzpFo&vwW*eP7kcWBz8mI4k)TREePN3T|DlQQ^9uF34S`D3n>p>lCC{L5j>(
zo5C@t0aGx9NFth_2Alr0)Sq^fq?fCxLouMAAQ`<Kt8GiZK7UcXDTb{$--&nc^^5cL
z7nM^V#5m>$qhZ#M0K53pA|2>};WnK`fbWHHAfNZTmmWx6mtS}KgXv(LKb<hX#KU_#
zMYF=2{$GO;q~%%IEF1L1;|;v-Vu};=bGoX^f%%j95K)BfM>%&jKQ4)_xQ)PHgyd%w
zu^tpcaSR<)4vmj}KB=ZrQBLC%EGQuOBooq(1;VjS9+)6$UvPfZe_8k_m7PxqGOViI
z_S)k+(^m2ZcDnF^V-Z_DSu{5Kk038c@hBJWErJfw1HUYqj1m6^_B2uPH%?9>+@Z(V
zdsN?(Q(B)QB7R|LiD;%C-pR4r)&zW?9CB0gc0PT9>}ZTU-jHt7lu`t?KbermAKE0&
z8NLwSAa*~V2>zb4ID#a+I2eD!9Cf|YW%f*dJf}AU+Inbwit9|zUx731yLUp9^d0#*
z#^=WDm%>;DoBQ2)?>GI!uhG{rD?Jrke@M~fc8aXjAtX%tI)kbX?PPVfeHps3S56%K
zl}Egjm6murx+kZ>ip+_H5(TWUn3;+R5Xzq<#{GWX6(2a@5qB0jYYuTE^G01-+0kb_
zO_ZMdd0m$%m&`b3J3iRm&p3r!){CN1?|j9B;2(}oo-7uhrG@a8`PMtEnqE+U-u^Ye
zQzl2|iZF3eCoN2x#h_j=))2*h_}DubElVC+V3UNibVZ_#Zn1IS9HW=%9YlNU$ME=o
zga#gmMb!GPF#vnyapZ|WCNMPAgW>k`T@dvJ!3cm@Q&0RR51?Ff4;-0Y7j2^hcn4+`
zoeXK}=WCWFyGNz(LrI4N^BHl+QUh~?Tpil?5l-)@K6mBM4>Fcm4`wX0Yrm%{4)azl
z(P?uzNa>K~)u7>SAgJ{%vU}gM_GoB`o@m6<B1c+8{Qa-+s?{}1w^!PNM-hF!wT#ZH
z@flcaQJ#;awE>rvr72c}Anx>V(wc;!kB?oS!}GJhX!^|)FAX^l$&b^2f<EhT4J*~+
zC_uE?6Tiqjl$i;BFI;j^N?AcV8zgllTP+4z2-8@;2<83pxXO8=4j=H{8t85RXy$kl
zu-CJC6{Z}?_iW6;XO(4y;8pyj6DjEu)Lc7r7x&uJ@_u{1SoikFElZ2J6uoa*dEXZG
zN5Z#eC(Kb@-3sqNiFS~OQ@NpyQ>eE}FE%5H!$R2OUvB0zEwNc8iY#wl;HF@F_K9*p
zqUI$MY^roYPr7l2rs<$NkkG4CMd6rLXmsDhLn-kF*d_FBh`+Plc&)oL1f>N`pr^eo
zHe8^aA^IMgM@cxEXMTsOn<4l`?!%#&vv!GQ0ZQOpuBkG{oOn|LGHpqUHIIvrg4Zs>
z+_(!WK=z~c9961ngf8PFG=X2kcDv&^vDzIETW~WQbCk`r41>d3-(K%ZLj2GT<s*c@
zMcVf&P~cFP=AC$3AX47=%eWGsLm$S(7XK)q(bJIlD}30GoR<Ub`|p%-T+t(m0U6uo
zl@>;;D@H~^C~dphRwj5FuE0xp0i+Poh}b<*K0(z!FDx_muiG$So)a3m&|N+tpvj`R
zL*+oGhIwL39Fj%iHj@$Q2?ILtP9Hrw!IxP)FRP`e6jLKtZv~K`89!_U`6|4jn<D<z
zV=DTudyCKDHsb}X>sD947OSwXHEqEz?M9a!xj1FeprfrG87JEax{AIs2u>N|Tdd2Z
z6fd#qW0ii$`G<Q8zQgSib4ClaSN%E|c^d6IBRCdM(K;ce^42#ep9;3ssaoFNM^Mf0
zRZw-}DCy(bZ8!XsViYfV94SzFiz-`PNoMP>`{cf@X#a3h^kLynDi9^=9+805MxU`g
zpP{V#0^arxNqJ|ltf$taqwwkuaUs$l`t%lXJ#;&>uRdfrcY{is@GE!qO`gxe?7HKk
z*xsb-@HG#Yy2e!0-2GJLOL}Xu_sAxpv8rYq_o(Zh4FdiB!m?;9gSxwUMI3CVlZUF8
z6C01r6y$$?Fmw*18?j59%RL=0-aT>qF-K}e{;u)162NHr-1H;l$<CM$9HIMSja--V
z=oa_q`=489R_T__bPaZ@>uoX1QuYyUdJf4U`M&p@5nisspi()bD~_w;kGeaYcIa<D
z3z|GNx;2M@Ctg5VScfr)S}X)oiaxEqbaqOX4c1vdoVS%OE4`PkZYK`6GF9iK*r#OS
z?x{Zr)mr#o2`!Lhf3<C7H-X?p-3yJWkUIZ*_EksLylX0=f~Aas!nZuE*NttRjnAE5
zGig5jmApt{f(sqph)CWXjtU_yH<{xB`DXS9z?FXihpM7D@+XPbEn1^s7VX~Zo(!{$
zeC3ZBL}x-jhw3?<VTJ6t#O*!)+y@gf-Z4J&eMutPkmCE{)Vz<$)pQ6WsNTQ|PmyNH
z9^%JF<tW81-Tu~C10(Cc7f(EO5mBQb1rxcguC#jAi*l6~i^#5esnge-E|2lQN)+cs
zM{@@2Uo<oDCPkR>nc?X^>Gkw5b>_2-V6SsFvYyE#vT<-$YXj{q=#+M<A)H^34!1ob
zD|u`UY74=m9Fr#edYpp@F$~SkkU&Ss4C$+!$V@+J7{6XQUHI0lmc39L<A)WPQ#~l`
zD{A71?&5X<yFEN2e5uLSbffUJ`ue16O6b$2RXHYDpbv%U*Gt4B<M54R^qVFc>U!ZI
zY>qU4F3hJ-j_$B-D%|#7N-Zk^PE=cYPX$i5CwNdhQa2hYPAV4=cjy`?uic)LYHpA1
zzg<a6(CF`NX_N>bdhzuPvM*|}y*J1~e=%Lp9T7C>IypQO_UmkRF_HdaOIvK8%>vEM
zs$X*A*&@cB=Ta_hdMHu=As@O3ZlHdP8NADSVQk++`tp_{MIbyiHagYYwod{}OI1}v
z;|;UlW7qgngkB#bf?J`YS;yf%D$8dn3P(IYQ0Z}Q>M0BdwP8Va5${ua<0;9OekyAN
z+;XawK8DiLoWmzTw22k_*_kb@+VP@W;O=~JHkR0{?oCCID976CSLfA~sf6qWH@iD(
z4#`cUcKN9?*EM4YcW`SowAis=0SCBU<-XQATi}_R0DVOi!ahV*@P{M{KS_%1<4q=%
zRjLV*>VQWGmqdpuCQ5q3?AWZ>6#_$Q7@Us{UPrsQlHJSmIXPygX7KP4Qm<DsVMsge
zSN5t_ukPw1_qv(m)9Bl!-HF<b<_e#z_R{{Avc#^Fb*H<|#*y`sIj%i{57nI>PwsA?
zAlbK=uv0;J5lp#kJK-XNFU`#PY^dzzJ?Nf=HQipO$n~!qu2UTN6g<OjQMbHSCLBbS
zuMd30A@j*W^dnQQyMg&ku@B!Sv2v4aUXQ7isa#$Njm+*MW$B>4k<0rkt`eg3oyeV~
zUD3B>cY)EY#t;q`5a@;&%#$JCLD^+cmOiKHO?|BK0g;C`D=5CiEtEjBUEQ;jKSNkX
z|A7z~G|Eun&F64+u$nRwk)FMjQB%HaU9(Z>ydWnr&?PZIC=RiVMvE>Lcd#aFCw8X^
z6r}1~p|H_+4|@XsFedqItbDi=6R7?=(*}3+_Ur4DR-LfwmTvmm>`VGC89zh%4kKUD
z9N&(|9f(|#?r*)rQiswuoW5@sikaA63EP5Il5~?alXMLe*m_yJ>AD97dV5q+NVK9q
zV|Z*YvWs(xX#!F9wt{2^yV&=`1Qz^$iC>3SsdXDqL;*Cr$zMGdD4@*MgHVUV0TDc}
z(M8nWlxe4E(0M*tix<9U?bFal;S~;92X=j*GeR`&yQgL<uH(8~t6l31n=u+0t*;tN
zSBd#%T~Z?ml<FN27mMvy_A!s8pM?Cpzt|W){F&VD*_Wl|!dc-_xqaGD5>8B@7AQ}~
zux6BL-|qaR`UQ{M*1{NarM7~QR*yFxU)$FPBgbJ~K?P#{zR25iVDGbMFHqjhP5orN
zv+6=be<3Ewz^ekOMkLko@tD?=%wMlZCdowhTYUQxRFNN49=Qc7%h|Zl&RSv$y*u7K
zz>23PMiG4?Y7E@OS`T6);oXPjcpzQD6aexeFZovoFYBb)#L1_p%&;@$Mq>s^rpk*4
zFltMWNmt04Xx?edm`DiWVA3rHnFe!_AxII)BXlaqS$*$qa*Mv_Ro2u>s0Eo#ZdDvP
zey+SLe%BBun3z2r-tem-MCOYJ-fH|ar(GvmrHXj^`C7{3{XE(tBTHjb`v|T=x?<eQ
zve#$!IWTcZ6+~_4b@G%yFVc>hIn_OnKi}+9d3m`4=#aZIqqLzkP5tTq3!LX!26lXi
z-TLB0r_#%`6lRGe%WmNEmzhn2^`^@`b`ozzVJyj;Z?)$+HI5=zXu$^6**=+EuxJ~z
z?83qvb**W;vjzJ0yWJ(`uN+I&{Ry;hFE%5yrM1Bz+1O*Eb9)D(;+(g?M8oEzThj-*
zOx5M=t&EAJ^r8qh9r%9K4Fry*>{^;3tT-%~!h03i^1H)39`>r2N>r?$+O{*V=Uo~Z
zj>0p1+h4mhp5*+>)Mym<X<>j>U|@h`sF3GQA}aauS;G5ieiQHc+PI1n5m_X@pY^ML
z7H?g6CY%b~w$Cnu!BXF_s%c^LY;5#ppln*5j3C~W3=!6b<D2@4*zpwIDP~+g1lL6Q
z`333mOM%;u<<-{j9MibC`Qb>}<*(?_%ZD?D@ji&Jw@m5a`GC!5g_hfBmgp2E%O(XS
zygjH^sqrQZ9ow_hl9EtORRSQ2L3oNfp7QHkw36jGC-hSZCq`)yW-w{C`Sa*lqS)Sc
zak*Y29>vNlHqO0=ofyq{%*0)`5ZuqlIAc_)YMq(nC@oA$ZIOhV`@%1Yz|WmCcc0!i
z(E-`6yo<Y8$rzu8;5vg#g}WDR$i`c+Tg@~Iq=};e!D(jYm_3p`u9x@}S({gst~i`S
zfvcut+4R2I(Mz<l$*ai$jT5{2&@t1=kTHH)|66)ekgQ?U$Z%v-e&m@Xg1#p_D)6hM
zp*WxOQ<^l(J;XuBS|3-FAhpFCb86hEs4W334}2B7%T<XmDFtg;>)!NY^Xjm<*ABVd
zCA{^#^;}H^WvZ(|J!_$r?s5-%zMMw>;<hdqa^wmYaPbgt?Mk&4c+|oX{IXAdk+Q)x
zs-`c@d{1RmZLDJVy6!tl8Aoirwnb5+7KO!az58?qOwaJ$v-=Ov;#78uvsCw)#3^FP
zNngZ}HcBhrKgoE0DITSH!}DLOk&<p`QD885RO^ib65zkSI1^zAbBJ(Aawu>pMH$`-
zBEtYtT7_g$qz%jn5GNS+&ri*2PAbapi4dL*KXXGWv#_HwoL-rY;qpvzPfaPeWO$K#
z1?W{)QROmePNE_|LDug^L&wk;SD4Wt{7{6&kE~IlA#PLByAf~ou`^G4y0&E9j`x@z
z37?Pe*5LWQ&G#9X`NpQ}`X(3pkWt?V2|8iKEuK=;yNoCX){v0UOFHP(6-@BtOF)};
zJ8m(l;i7evyPdvhG`aE;LyJ}MFWEZNi}1&LHp@mP&KS0SAf-UVtsCsEPCs@`a!&V#
zYF(jsVoH5m&{tcWjB*KuVSNhcw;3s<$rRtXb#A$D8QHjD)IfG_etG}{I|%x=k?Mix
zS?~oxMoJVOF8Q~kOL6h$`+fYUZ6N{j2hvILUy>rZ8QEw+21dpzC;4e(=0qKZ+Qj6X
zp87-}!9FI2IMRL}KybW*F~;$Gh7hOJLj!(2V^DA0+dhlV)cAH(fL&a5Tx}n(G5<FY
z3`0KvGbRnKkyJcOBuV!<dpi49E$M8;-taq94xUK95V7=7lp3T0G_B}H79NNKywr9u
zPH-BHk8+3S;+LMy^xj8}1_6<V&yQ<pB}Cl5vWx~R*M3qs@=FRS?75M>c@9ZDDUV=+
zPoE98dm~#G7g!aJs1~kgDx$5-*Hks`v8q)qiMbhwX;%U9OMY-`84mj6CezFzw&GGO
z?F<KF+<%B{sjHhY1NEcIIZwKHJXyd*Kb40>AjrHpbWIxVNJMWw_;3Z&E(ZkJi0nGF
z5z{R^qg^0$+?_Zt#(7nOwSG7B;wUTukcq)#sy|_A*39eU*}xVS$0p&PE@%~~sx|64
zxOVyL<<CnxL#K_S&+o0#`{Ht#5IxM}dZ8gTvo0ui_J>CU19tf@*ciaY5vrRqQ!`!}
zyvfXZElYF=R`T^voAZ^~l|~M(+VWUb;WH>tSUxXhzGdsqX;@R&Ql}^yoY;_gW^AWi
zoBvo#iUrt79zDiA;@3AbbNYCEs!Iz=2Y;cWRLX`}V4sAc3GI?#XNW2LC1Tnj03eS!
znLSR-Vv^{Ho}H#@S?&qLtrXr$SvZqtH=qweem=9Hs#EN^a?ZKLZ6Mjx>cs5C)i>EO
z3nyFye;h?UT@h`q^#8o)$zr`-N+QVPTGK{IhfF+i|9C1!1eKCxrp1Ujq;OB^3uiQJ
z`3dRMlUm6v=E#lGnXnkXK*R!N04{58_~ZS7xw?<iTCxN>fp$UPf-A`cM296R&$B@B
z$qJ1^Sqtpd&2AdBq{F%^40m3kiU`5Hw^MzrcJ8#;jcQ`h(N(e$r={Sq*90tY?(tXr
zHJ-b`7N;6=2n=-ImSH?l1DkELI6&haZmv4*4QQUX=}YSDcU$c0j37|ued8EDq4Q!S
zD7UQ~BPRPvPyB?m=z7!nPmS&DYV!>}T+i!fe?Z>zwJhuZtk(SYDQoN)qu)Fqg~iph
zZCGYAXUAEKk>^5nyRtEL)tobr`Ivmf^wToI<yc*hAG6)DnCk3fO}pMNM~f%2iOEp~
zLj^1K)%31f<Xe(i*6fHA$vjE3p0#RYi=RzN)<f1~)&o{ud2(O1uoCZvL{h_(uY06=
zq(kx}L0W#&Myj>Z8a)ve$f^ix?8l$tEJzuwz14!Wv1+FH)ukp?CV%7@ww8aR06QW1
z;@EvCrp8`p^5)LGD~?2adk|fBwx(UFYOL`YD(@DNPW6V~S~?VQ(Es#MtHHQ;4l_aY
zF#@lTweZ_#V;xbl{Uo0Rh6tvCqZ&){OO50q?pjXKSJKy)7R4NC3SMuWG;Nw^eBdb&
zfzxN!tia*s_4MEuyC&Bk%+xfppeutEA6#W`)=tFw#~T_iDEOysi?!F%Ogz-PJ-^aY
z+fJHNd@<>ZLXUAoaPw(bCBR0v3v)0HLk(ngkOdq)Jag)PzKX1-O|}vlS0FQsz&<IT
zZF)b_zArk@A5s4CHEJA9GgZqiIo3>Ou3=ylFXg1~;8rDtgJ<B@Tl!)JcT!gqsgsM7
z9cVtQn>+h>PepWH{*jWF&eyuRh9Xz&nB>{ihWtmwWI-1@2&cu$vQ?JS$Pl`aeJ&jx
zyuq>~EBW)aFzGK!mG5glp$IG8lv)f;v7t59jXWQ2L&LH!az#jeLM4%@T%nR>qWBny
zT{B_XZ7y@g&-SXyJg{*EE%%O@MF6knD{b))e6iMov_~aBzQ^h$zQ7@G2=KqWt|_S}
zzQhTPC5~u#F@tbG(L%VR22@MOs!ITGN4rAlnPZ+hi1=DmWXCY8P^#uCpo*{>_RHDS
zaj^=B(|OuAJ)YfJmwVDBxNJ7sgjDFw8?H7+ONk3-U;Bnl=2aRZLnlSUxZF^DfwEQm
zYjmoAe|~r{U^`FmjoC3~ume25dDTwYSa0%SBdE2Z&NIX;+J$h;2oL*`w<E&pTW8Wl
zq=dgyrI2nBSTox>Gk>$5KRZS~OAuyaYdeCedV58W`%|-WyNSs%DZN?2BlrvKRbDx_
zTC$$$syvA;-#M+?%HUe+l}fs`#3t7|tC1uWPkWL3+O=(Oq$lj=475A3apw*laWA4O
zc$2DKH-h+F-V)5TG2aE8Fy{U4_;EcR+`!9c_r#o5OSqA6(<mUspJ!$_D){T+QL-6_
zRO&10<m%?rLt(vZqD@02Kdi`9?sh@10>|gATn3t^Y|&?_bBz*N?TKD+p92x+X|x%4
zKYhmMzf>|x)l&<u09MXsR54CJZ<nm#bL#JwIy@1`;wc&9nxE?3o97pfgE8k3IY(((
z?Kq;Z(6A^_1lKb1<&J^+6Y#>BU;&n`J}_yaEu(pEkttw1bPB{@)jCh&JKsDKYvNi-
z9h4VVTW>UtgHM4yxXkq;0J|J9DgTJgQZccE5RWPp1)kwbc|Z%`ypeZ4rkj83T$r&4
z!9bLz-}^~cn~Cu_d~H!D@g1lx(OTkx>+#;Ves_PZ`B59vO3QvWTE6@36)E2<LS34+
zPMxIFwDn+1M){*|v)R`8mSgE?5o6`Ag;LzU9)q)9x>gf&G2K7r2>B-Qp9gf(IB_{y
z6MmY-+v71#I^QtWXDsGxxL+=Dz2_6lqrpWSn>xkJC-1CVm-D+0TX4Q@3Ctv!P+>l=
za5b}PL$fhx$+35iH{CE&GwEU(!2TNhHVdBu6Rkl}!lMCX7dYu2FZ=Ay#!X#eUc?8Z
zG%Tm$^BhjMUMY<`zwsM&#&}kqUDqi#l+UAXz0dEyo}Q4ps(yqnjA}9~9f{Az?H!yU
z#EHl*NeT`0S+9=Td$R2syv2@gRj!|_2XakvM~x)SWW(yh1Lb%Y^YC@&UIRoLn)`($
z?M=@z-kTX?<zzqf0*U0s*E@Fba(^n}niZwED!#C?UOvCaLm^yA!~ezDERp&4jSaT5
z6*{OnmFGJefgxt%=9hVZI0!eO0V5rNAonX5-!bonu~I(Y#uPygxG{I^;dZ#;qKPD~
zoO#%l(NrKt(K)<&H|ZNQM$NDO`$xFfF|Ja{Jf`4Gri>9C-pl2rq}^DT`MZ7O<->tS
z%`?5#@tiLgLIt3syDa}k$@53h9v9=$%J+6GYU6r#ilXk7<GDbK<_<q0Z+BR&QdW&=
z6VpzoZnJS6Prv=AkA-HMc(u%K9kvgAM(t~#KM?2?1nL+?ljWv$YovL7OKGc;Nom+K
z8OM=ryqIu4$emO4_7RL}@t3u-dU`C-B{Z2?J%x@Gh=d3G&64(yh4nDt@79XyJWM2B
z96Z>6*cbk%?*az;&yOtRNJfN6u<8f^5-l<+m>UR<tpOo{{_oiy2&tJtAINEB2r%Si
z0~i|t*?>S}eKx?u!3H;maKZFp@OMA}n2{rP28hH^eFa8pMM42TIB9|+z5LI~A{2=e
z2^LEVLn0RhadE*Pm>7N^R8~}&|2cs{fZ&IgkblWQT%4SMKV_U?FeugmhD3(|LH_;~
z4(EJewD^}7FckEg_u=0%5ac(hz`tZr82oor%D-e_AlF|q=))g}-+G7#&HoM`41{n!
z@Ll}N81mrn0quXuzyKK6pBILJ!GGC;fneaDwjeI}KZE{#eE<N&3E}+n!T=Bi{wHn#
zFp%>vhj0Mop;mq$|D6bk69)V<zz5sE5&>``fbc(|2EjRje>wy|aP|EOKL`$h|EUM!
z<osQm{|W}c2?9Pafc#qq2mW8Zhy4F1YB=yO6hNGC!2e>*^=B|ZAQ1Ma9taKs|CJmU
z0Qyf<|AYU7G1mi+#lIp1LO_7OvV(&Gf9ip_fbc(W-Gl9KzLkIb;{yF2(*Kfy;9vyj
zpVbQDdZ?s76oFhIu0I`ufS}(5E`K<LaQ=x5hzs(++5W$pLHq-L2pIBLFmNdJFIc%?
zpuc1g@ZZCj6Z}^lf#9%zKOlbN|L`pM>q!EJa{UEA1kA<t=lz7h;eS;+^kLlni42qz
z{8u7i02GG!)8WI21^s!S9{l|^6v3dsGya{&pY;KIcuxL9W^b!+YGGviKsZCip=|1G
zgiHmCrRGDT(h-9Si--VWqEJpKoC^XHc>qNOCME`igFz5MA)p99@Bddr`!~IhoxQ%T
Wy`!y>F(wT1fHo#Qy{Nnx=KldMuUTjS

diff --git a/tzpfms.ps b/tzpfms.ps
index f5749f7..e5b9951 100644
--- a/tzpfms.ps
+++ b/tzpfms.ps
@@ -1,15 +1,15 @@
 %!PS-Adobe-3.0
 %%Creator: groff version 1.23.0
-%%CreationDate: Fri Mar  1 12:13:15 2024
+%%CreationDate: Fri Mar  1 12:15:16 2024
 %%DocumentNeededResources: font Times-Roman
 %%+ font Times-Bold
 %%+ font Courier-Bold
 %%+ font Courier-Oblique
 %%+ font Courier
-%%+ font Symbol
 %%+ font Times-Italic
+%%+ font Symbol
 %%DocumentSuppliedResources: procset grops 1.23 0
-%%Pages: 10
+%%Pages: 15
 %%PageOrder: Ascend
 %%DocumentMedia: Default 595 842 0 () ()
 %%Orientation: Portrait
@@ -237,8 +237,8 @@ setpacking
 %%IncludeResource: font Courier-Bold
 %%IncludeResource: font Courier-Oblique
 %%IncludeResource: font Courier
-%%IncludeResource: font Symbol
 %%IncludeResource: font Times-Italic
+%%IncludeResource: font Symbol
 grops begin/DEFS 1 dict def DEFS begin/u{.001 mul}bind def end/RES 72
 def/PL 841.89 def/LS false def/ENC0[/asciicircum/asciitilde/Scaron
 /Zcaron/scaron/zcaron/Ydieresis/trademark/quotesingle/Euro/.notdef
@@ -276,15 +276,372 @@ def/PL 841.89 def/LS false def/ENC0[/asciicircum/asciitilde/Scaron
 %%BeginPageSetup
 BP
 %%EndPageSetup
+/F0 10/Times-Roman@0 SF(ZFS-FIDO2-ADD-B)72 48 Q -.4(AC)-.35 G 42.103
+(KUP\(8\) System).4 F(Manager')2.5 E 2.5(sM)-.55 G 39.602
+(anual ZFS-FIDO2-ADD-B)-2.5 F -.4(AC)-.35 G(KUP\(8\)).4 E/F1 10
+/Times-Bold@0 SF -.2(NA)72 84 S(ME).2 E/F2 10/Courier-Bold@0 SF
+(zfs-fido2-add-backup)108 96 Q F0 2.5<8a61>2.5 G(llo)-2.5 E 2.5(wa)-.25
+G(nother FIDO2 de)-2.5 E(vice to unlock ZFS dataset)-.25 E F1(SYNOPSIS)
+72 112.8 Q F2(zfs-fido2-add-backup)108 124.8 Q/F3 10/Courier-Oblique@0
+SF(dataset)2.5 E F1(DESCRIPTION)72 141.6 Q F0(After)108 153.6 Q/F4 10
+/Courier@0 SF(zfs-fido2-change-key)7.564 E F0 5.064(\(8\) deri)B -.15
+(ve)-.25 G 7.563(st).15 G 5.063(he k)-7.563 F 5.363 -.15(ey f)-.1 H
+5.063(or a dataset from a FIDO2 de).15 F(vice,)-.25 E F2
+(zfs-fido2-add-backup)108 165.6 Q F0(may be e)2.5 E -.15(xe)-.15 G
+(cuted to e).15 E(xtend this to an)-.15 E 2.5(yn)-.15 G
+(umber of additional de)-2.5 E(vices.)-.25 E .273(First, the wrapping k)
+108 182.4 R .574 -.15(ey i)-.1 H 2.774(se).15 G .274
+(xtracted as normally during)-2.924 F F4(zfs-fido2-load-key)2.774 E F0
+.274(\(8\), then a credential)B 1.604(is made as-if during)108 194.4 R
+F4(zfs-fido2-change-key)4.104 E F0 1.604(\(8\) \(e)B 1.604
+(xcept the "primary" de)-.15 F 1.603(vice and all the ones)-.25 F .185
+(holding backups are e)108 206.4 R .185(xcluded from the search\); ho)
+-.15 F(we)-.25 E -.15(ve)-.25 G .985 -.4(r, t).15 H(he).4 E F4
+(hmac-secret)2.685 E F0 .185(is instead used as a sym-)2.685 F 1.555
+(metric AES-256-GCM \()108 218.4 R F4(EVP_CIPHER-AES)A F0 1.555
+(\(7ssl\)\) k)B 1.855 -.15(ey t)-.1 H 4.055(oe).15 G 1.555
+(ncrypt the wrapping k)-4.055 F 1.855 -.15(ey d)-.1 H 1.555
+(irectly with a).15 F(random IV)108 230.4 Q(.)-1.29 E(This turns the)108
+247.2 Q F4(xyz.nabijaczleweli:tzpfms.key)2.5 E F0 -.25(va)2.5 G
+(riable into).25 E F3(salt)108 259.2 Q F2(:)A F3(credential-ID)A F2(:)A
+F3(credential-public-key)A F0([)A F2(.)A F3(backup-salt)A F2(:)A F3
+(backup-credential-ID)108 271.2 Q F2(:)A F3
+(backup-credential-public-key)A F2(:)A F3(IV)A F2(:)A F3(encrypted-key)A
+F0 1.666(]...)C F4(tzpfms.key)108 288 Q F0 2.238
+(is actually a dot-separated list of de)4.738 F 2.238(vice b)-.25 F
+4.738(undles. The)-.2 F 2.239(\214rst one is as-described in)4.738 F F4
+(zfs-fido2-change-key)108 300 Q F0 5.181(\(8\). Subsequent)B 2.681
+(ones also include \(identically-encoded\) IVs and en-)5.181 F
+(crypted blobs.)108 312 Q F4(zfs-fido2-load-key)108 328.8 Q F0 .081
+(\(8\) shops assertions around de)B .081(vices in a de)-.25 F .082
+(vice-major order \212 depending on)-.25 F(de)108 340.8 Q
+(vice numbering, a backup may be loaded e)-.25 E -.15(ve)-.25 G 2.5(ni)
+.15 G 2.5(ft)-2.5 G(he primary de)-2.5 E(vice is present.)-.25 E F1
+(ENVIR)72 357.6 Q 1.666(ONMENT V)-.3 F(ARIABLES)-1.35 E F4
+(TZPFMS_PASSPHRASE_HELPER)108 369.6 Q F0 .046(By def)133 381.6 R .045(a\
+ult, passphrases are prompted for and read in on the standard output an\
+d input streams.)-.1 F(If)5.045 E F4(TZPFMS_PASSPHRASE_HELPER)133 393.6
+Q F0 1.595(is set and nonempty)4.095 F 4.096(,i)-.65 G 4.096(tw)-4.096 G
+1.596(ill be run via)-4.096 F F4(/bin/)4.096 E F2 3.262(sh \255c)B F0
+(to)4.096 E(pro)133 405.6 Q(vide each passphrase, instead.)-.15 E .643
+(The standard output stream of the helper is tied to an anon)133 422.4 R
+.643(ymous \214le and used in its entirety as)-.15 F(the passphrase, e)
+133 434.4 Q(xcept for a trailing ne)-.15 E(w-line, if an)-.25 E 3.8 -.65
+(y. T)-.15 H(he ar).65 E(guments are:)-.18 E F4($1)143 446.4 Q F0
+(Pre-formatted noun phrase with all the information belo)160 446.4 Q 1.3
+-.65(w, f)-.25 H(or use as a prompt).65 E F4($2)143 458.4 Q F0
+(Either the dataset name or the element of the TPM hierarch)160 458.4 Q
+2.5(yb)-.05 G(eing prompted for)-2.5 E F4($3)143 470.4 Q F0("ne)160
+470.4 Q(w" if this is for a ne)-.25 E 2.5(wp)-.25 G
+(assphrase, otherwise blank)-2.5 E F4($4)143 482.4 Q F0("ag)160 482.4 Q
+(ain" if it')-.05 E 2.5(st)-.55 G
+(he second prompt for that passphrase, otherwise blank)-2.5 E .177
+(If the helper doesn')133 499.2 R 2.677(te)-.18 G .177
+(xist \(the shell e)-2.827 F .177(xits with)-.15 F F1(127)2.677 E F0
+.178(\), a diagnostic is issued and the normal prompt)B(is used as f)133
+511.2 Q 2.5(all-back. If)-.1 F(it f)2.5 E(ails for an)-.1 E 2.5(yo)-.15
+G(ther reason, the prompting is aborted.)-2.5 E F1 1.666
+(FIDO2 back-end con\214guration)72 528 R(En)87 540 Q(vir)-.4 E .625
+(onment v)-.18 F(ariables)-.1 E F4(FIDO_DEBUG)108 552 Q F0
+(If set, enables lib\214do2 deb)173 552 Q
+(ug logging to the standard error stream.)-.2 E F1(De)87 568.8 Q .625
+(vice selection)-.15 F F0 .727(When creating, the \214rst de)108 580.8 R
+.727(vice which supports the)-.25 F F4(hmac-secret)3.226 E F0 -.15(ex)
+3.226 G .726(tension is used.).15 F .726(When loading,)5.726 F
+(the assertion is shopped around to e)108 592.8 Q -.15(ve)-.25 G
+(ry such de).15 E(vice.)-.25 E F1 .625(See also)87 609.6 R F0
+(The lib\214do2 documentation at https://de)108 621.6 Q -.15(ve)-.25 G
+(lopers.yubico.com/lib\214do2/.).15 E F1 1.666(SPECIAL THANKS)72 638.4 R
+F0 1.6 -.8(To a)108 650.4 T(ll who support further de).8 E -.15(ve)-.25
+G(lopment, in particular:).15 E F1<83>128 662.4 Q F0(ThePhD)7.5 E F1<83>
+128 674.4 Q F0(Embark Studios)7.5 E F1<83>128 686.4 Q F0(Jasper Bekk)7.5
+E(ers)-.1 E F1<83>128 698.4 Q F0(EvModder)7.5 E F1(REPOR)72 715.2 Q
+1.666(TING B)-.4 F(UGS)-.1 E F0(https://todo.sr)108 727.2 Q
+(.ht/\001nabijaczle)-.55 E(weli/fzifdso)-.25 E F4
+(\001nabijaczleweli/tzpfms@lists.sr.ht)108 744 Q F0 83.762(,a)C(rchi)
+-83.762 E -.15(ve)-.25 G 83.763(da).15 G(t)-83.763 E(https://lists.sr)
+108 756 Q(.ht/\001nabijaczle)-.55 E(weli/tzpfms.)-.25 E(fzifdso 0)72
+817.889 Q(February 29, 2024)153.568 E(1)183.837 E 0 Cg EP
+%%Page: 1 2
+%%BeginPageSetup
+BP
+%%EndPageSetup
+/F0 10/Times-Roman@0 SF 41.363(ZFS-FIDO2-CHANGE-KEY\(8\) System)72 48 R
+(Manager')2.5 E 2.5(sM)-.55 G 38.862(anual ZFS-FIDO2-CHANGE-KEY\(8\))
+-2.5 F/F1 10/Times-Bold@0 SF -.2(NA)72 84 S(ME).2 E/F2 10/Courier-Bold@0
+SF(zfs-fido2-change-key)108 96 Q F0 2.5<8a63>2.5 G(hange ZFS dataset k)
+-2.5 E .3 -.15(ey t)-.1 H 2.5(oo).15 G(ne authenticated by a FIDO2 de)
+-2.5 E(vice)-.25 E F1(SYNOPSIS)72 112.8 Q F2(zfs-fido2-add-backup)108
+124.8 Q F0([)2.5 E F2<ad62>1.666 E/F3 10/Courier-Oblique@0 SF
+(backup-file)6 E F0(])A F3(dataset)2.5 E F1(DESCRIPTION)72 141.6 Q F0
+2.867 -.8(To n)108 153.6 T 1.267(ormalise the).8 F F3(dataset)3.767 E F0
+(,)A F2(zfs-fido2-add-backup)3.766 E F0 1.266
+(will open its encryption root in its stead.)3.766 F F2
+(zfs-fido2-add-backup)108 165.6 Q F0(will)14.654 E/F4 10/Times-Italic@0
+SF(ne)14.654 E(ver)-.15 E F0 12.154(create or destro)14.654 F 14.655(ye)
+-.1 G 12.155(ncryption roots; use)-14.655 F/F5 10/Courier@0 SF
+(zfs-change-key)108 177.6 Q F0(\(8\) for that.)A
+(First, a connection is made to the FIDO2 de)108 194.4 Q(vice, which)
+-.25 E F4(must)2.5 E F0(support the)2.5 E F5(hmac-secret)2.5 E F0 -.15
+(ex)2.5 G(tension.).15 E(If)108 211.2 Q F3(dataset)3.244 E F0 -.1(wa)
+3.244 G 3.244(sp).1 G(re)-3.244 E .743(viously encrypted with)-.25 F F2
+(fzifdso)3.243 E F0 .743(and the)3.243 F F1(FIDO2)3.243 E F0 .743
+(back-end w)3.243 F .743(as used, the meta-)-.1 F .926
+(data will be silently cleared.)108 223.2 R .926
+(Otherwise, or in case of an error)5.926 F 3.426(,d)-.4 G .926
+(ata required for manual interv)-3.426 F(ention)-.15 E
+(will be written to the standard error stream.)108 235.2 Q(Ne)108 252 Q
+.465(xt, a ne)-.15 F 2.965(wc)-.25 G .465
+(redential of type ES256 is generated on the de)-2.965 F .464
+(vice \(with relying party ID)-.25 F F5(fzifdso)2.964 E F0(and)2.964 E
+.499(name equal to the dataset name\) with the)108 264 R F5(hmac-secret)
+2.999 E F0 -.15(ex)2.999 G .499(tension requested; the de).15 F .499
+(vice PIN, if an)-.25 F -.65(y,)-.15 G(is prompted for here.)108 276 Q
+(This mimicks a W)5 E(ebAuthn re)-.8 E(gistration step.)-.15 E .962(The\
+n, the credential is asserted with a 32-byte random salt, which hashes \
+it with de)108 292.8 R(vice-pri)-.25 E -.25(va)-.25 G .962(te data,).25
+F .137(and thus generates the wrapping k)108 304.8 R .438 -.15(ey \()-.1
+H .138(which is optionally back).15 F .138(ed up \(see)-.1 F F1(OPTIONS)
+2.638 E F0 2.638(\)\). This)B .138(mimicks a)2.638 F -.8(We)108 316.8 S
+(bAuthn login step.).8 E(The follo)108 333.6 Q
+(wing properties are set on)-.25 E F3(dataset)2.5 E F0(:)A F1<83>128
+345.6 Q F5(xyz.nabijaczleweli:tzpfms.backend)7.5 E F0(=)A F1(FIDO2)A<83>
+128 357.6 Q F5(xyz.nabijaczleweli:tzpfms.key)7.5 E F0(=)A F3(salt)A F2
+(:)A F3(credential-ID)A F2(:)A F3(credential-public-key)139 369.6 Q F0
+([)A F2(.)A F0 1.666(...)1.666 G 1.666(]...)-1.666 G F5(tzpfms.backend)
+108 386.4 Q F0 2.708(identi\214es this dataset for w)5.208 F 2.707
+(ork with)-.1 F F1(FIDO2)5.207 E F0(-back-ended)A F2(tzpfms)5.207 E F0
+2.707(tools \(i.e.)5.207 F F2(fzifdso)108 398.4 Q F5
+(zfs-fido2-change-key)60.227 E F0(\(8\),)A F5(zfs-fido2-load-key)56.728
+E F0(\(8\),)A F5(zfs-fido2-add-backup)108 410.4 Q F0(\(8\), and)A F5
+(zfs-fido2-clear-key)2.5 E F0(\(8\)\).)A F5(tzpfms.key)108 427.2 Q F0
+.486(is a colon-separated tuple of unpadded URL-safe base64 blobs; the \
+\214rst one is the ran-)2.986 F .217(dom salt; the second represents th\
+e ID of created credential, and the third \211 its public k)108 439.2 R
+-.15(ey)-.1 G 5.217(.T)-.5 G .217(here e)-5.217 F(xists)-.15 E
+(no other user)108 451.2 Q
+(-land tool for deciphering this; perhaps there should be.)-.2 E
+(Finally)108 468 Q 12.006(,t)-.65 G 9.506(he equi)-12.006 F -.25(va)-.25
+G 9.506(lent of).25 F F2 9.505(zfs change-key)12.005 F<ad6f>17.171 E F5
+(keylocation=prompt)15.505 E F2<ad6f>17.171 E F5(keyformat=raw)108 480 Q
+F3(dataset)6.106 E F0 .106(is performed with the ne)2.606 F 2.606(wk)
+-.25 G -.15(ey)-2.706 G 5.106(.I)-.5 G 2.606(fa)-5.106 G 2.606(ne)-2.606
+G .107(rror occurred, best ef)-2.606 F .107(fort is made)-.25 F
+(to clean up the properties, or to issue a note for manual interv)108
+492 Q(ention into the standard error stream.)-.15 E 4.056<418c>108 508.8
+S 1.556(nal v)-4.056 F 1.556(eri\214cation should be made by running)
+-.15 F F2 3.222(zfs-fido2-load-key \255n)4.056 F F3(dataset)7.555 E F0
+6.555(.I)C 4.055(ft)-6.555 G(hat)-4.055 E .729
+(command succeeds, all is well, b)108 520.8 R .729
+(ut otherwise the dataset can be manually rolled back to a passphrase)
+-.2 F(with)108 532.8 Q F2(zfs-fido2-clear-key)5.147 E F3(dataset)8.647 E
+F0(\(or)5.147 E 5.146(,i)-.4 G 5.146(ft)-5.146 G 2.646(hat f)-5.146 F
+2.646(ails to w)-.1 F(ork,)-.1 E F2 2.646(zfs change-key)5.146 F<ad6f>
+10.312 E F5(keyformat=passphrase)108 544.8 Q F3(dataset)6 E F0
+(\), and you are hereby ask)A(ed to report a b)-.1 E(ug, please.)-.2 E
+F2(zfs-fido2-clear-key)108 561.6 Q F3(dataset)7.606 E F0 1.607
+(can be used to clear the properties and go back to using a)4.106 F
+(passphrase.)108 573.6 Q F1(OPTIONS)72 590.4 Q F2<ad62>109.666 602.4 Q
+F3(backup-file)6 E F0(Sa)203 602.4 Q .353 -.15(ve a b)-.2 H .052
+(ack-up of the k).15 F .352 -.15(ey t)-.1 H(o).15 E F3(backup-file)2.552
+E F0 2.552(,w)C .052(hich must not e)-2.552 F .052(xist beforehand.)-.15
+F .693(This back-up)203 614.4 R F4(must)3.193 E F0 .694
+(be stored securely)3.193 F 3.194(,o)-.65 G -.25(ff)-3.194 G 3.194
+(-site. In).25 F .694(case of a catastrophic e)3.194 F -.15(ve)-.25 G
+(nt,).15 E(the k)203 626.4 Q .3 -.15(ey c)-.1 H(an be loaded by running)
+.15 E F2(zfs load-key)233 638.4 Q F3(dataset)6 E F5(<)6 E F3
+(backup-file)6 E F1(ENVIR)72 655.2 Q 1.666(ONMENT V)-.3 F(ARIABLES)-1.35
+E F5(TZPFMS_PASSPHRASE_HELPER)108 667.2 Q F0 .046(By def)133 679.2 R
+.045(ault, passphrases are prompted for and read in on the standard out\
+put and input streams.)-.1 F(If)5.045 E F5(TZPFMS_PASSPHRASE_HELPER)133
+691.2 Q F0 1.595(is set and nonempty)4.095 F 4.096(,i)-.65 G 4.096(tw)
+-4.096 G 1.596(ill be run via)-4.096 F F5(/bin/)4.096 E F2 3.262
+(sh \255c)B F0(to)4.096 E(pro)133 703.2 Q
+(vide each passphrase, instead.)-.15 E .643
+(The standard output stream of the helper is tied to an anon)133 720 R
+.643(ymous \214le and used in its entirety as)-.15 F(the passphrase, e)
+133 732 Q(xcept for a trailing ne)-.15 E(w-line, if an)-.25 E 3.8 -.65
+(y. T)-.15 H(he ar).65 E(guments are:)-.18 E F5($1)143 744 Q F0
+(Pre-formatted noun phrase with all the information belo)160 744 Q 1.3
+-.65(w, f)-.25 H(or use as a prompt).65 E(fzifdso 0)72 817.889 Q
+(February 29, 2024)153.568 E(1)183.837 E 0 Cg EP
+%%Page: 2 3
+%%BeginPageSetup
+BP
+%%EndPageSetup
+/F0 10/Times-Roman@0 SF 41.363(ZFS-FIDO2-CHANGE-KEY\(8\) System)72 48 R
+(Manager')2.5 E 2.5(sM)-.55 G 38.862(anual ZFS-FIDO2-CHANGE-KEY\(8\))
+-2.5 F/F1 10/Courier@0 SF($2)143 84 Q F0
+(Either the dataset name or the element of the TPM hierarch)160 84 Q 2.5
+(yb)-.05 G(eing prompted for)-2.5 E F1($3)143 96 Q F0("ne)160 96 Q
+(w" if this is for a ne)-.25 E 2.5(wp)-.25 G(assphrase, otherwise blank)
+-2.5 E F1($4)143 108 Q F0("ag)160 108 Q(ain" if it')-.05 E 2.5(st)-.55 G
+(he second prompt for that passphrase, otherwise blank)-2.5 E .177
+(If the helper doesn')133 124.8 R 2.677(te)-.18 G .177
+(xist \(the shell e)-2.827 F .177(xits with)-.15 F/F2 10/Times-Bold@0 SF
+(127)2.677 E F0 .178(\), a diagnostic is issued and the normal prompt)B
+(is used as f)133 136.8 Q 2.5(all-back. If)-.1 F(it f)2.5 E(ails for an)
+-.1 E 2.5(yo)-.15 G(ther reason, the prompting is aborted.)-2.5 E F2
+1.666(FIDO2 back-end con\214guration)72 153.6 R(En)87 165.6 Q(vir)-.4 E
+.625(onment v)-.18 F(ariables)-.1 E F1(FIDO_DEBUG)108 177.6 Q F0
+(If set, enables lib\214do2 deb)173 177.6 Q
+(ug logging to the standard error stream.)-.2 E F2(De)87 194.4 Q .625
+(vice selection)-.15 F F0 .727(When creating, the \214rst de)108 206.4 R
+.727(vice which supports the)-.25 F F1(hmac-secret)3.226 E F0 -.15(ex)
+3.226 G .726(tension is used.).15 F .726(When loading,)5.726 F
+(the assertion is shopped around to e)108 218.4 Q -.15(ve)-.25 G
+(ry such de).15 E(vice.)-.25 E F2 .625(See also)87 235.2 R F0
+(The lib\214do2 documentation at https://de)108 247.2 Q -.15(ve)-.25 G
+(lopers.yubico.com/lib\214do2/.).15 E F2 1.666(SPECIAL THANKS)72 264 R
+F0 1.6 -.8(To a)108 276 T(ll who support further de).8 E -.15(ve)-.25 G
+(lopment, in particular:).15 E F2<83>128 288 Q F0(ThePhD)7.5 E F2<83>128
+300 Q F0(Embark Studios)7.5 E F2<83>128 312 Q F0(Jasper Bekk)7.5 E(ers)
+-.1 E F2<83>128 324 Q F0(EvModder)7.5 E F2(REPOR)72 340.8 Q 1.666
+(TING B)-.4 F(UGS)-.1 E F0(https://todo.sr)108 352.8 Q
+(.ht/\001nabijaczle)-.55 E(weli/fzifdso)-.25 E F1
+(\001nabijaczleweli/tzpfms@lists.sr.ht)108 369.6 Q F0 83.762(,a)C(rchi)
+-83.762 E -.15(ve)-.25 G 83.763(da).15 G(t)-83.763 E(https://lists.sr)
+108 381.6 Q(.ht/\001nabijaczle)-.55 E(weli/tzpfms.)-.25 E(fzifdso 0)72
+817.889 Q(February 29, 2024)153.568 E(2)183.837 E 0 Cg EP
+%%Page: 1 4
+%%BeginPageSetup
+BP
+%%EndPageSetup
+/F0 10/Times-Roman@0 SF 50.243(ZFS-FIDO2-CLEAR-KEY\(8\) System)72 48 R
+(Manager')2.5 E 2.5(sM)-.55 G 47.742(anual ZFS-FIDO2-CLEAR-KEY\(8\))-2.5
+F/F1 10/Times-Bold@0 SF -.2(NA)72 84 S(ME).2 E/F2 10/Courier-Bold@0 SF
+(zfs-fido2-clear-key)108 96 Q F0 3.587<8a72>3.588 G -.25(ew)-3.587 G
+1.087(rap ZFS dataset k).25 F 1.387 -.15(ey i)-.1 H 3.587(np).15 G
+(asssw)-3.587 E 1.087(ord and clear tzpfms FIDO2 meta-)-.1 F(data)108
+108 Q F1(SYNOPSIS)72 124.8 Q F2(zfs-fido2-add-backup)108 136.8 Q/F3 10
+/Courier-Oblique@0 SF(dataset)2.5 E F1(DESCRIPTION)72 153.6 Q F0
+(After v)108 165.6 Q(erifying)-.15 E F3(dataset)2.5 E F0 -.1(wa)2.5 G
+2.5(se).1 G(ncrypted with)-2.5 E F2(tzpfms)2.5 E F0(back)2.5 E(end)-.1 E
+F1(FIDO2)2.5 E F0(:)A 5(1. performs)118 177.6 R 5.641(the equi)8.141 F
+-.25(va)-.25 G 5.641(lent of).25 F F2 5.642(zfs change-key)8.142 F<ad6f>
+13.308 E/F4 10/Courier@0 SF(keylocation=prompt)11.642 E F2<ad6f>13.308 E
+F4(keyformat=passphrase)133 189.6 Q F3(dataset)6 E F0(,)A 5(2. remo)118
+201.6 R -.15(ve)-.15 G 10.689(st).15 G(he)-10.689 E F4
+(xyz.nabijaczleweli:tzpfms.)10.689 E F0({)A F4(backend)A F0(,)A F4(key)
+14.189 E F0 10.689(}p)C 8.189(roperties from)-10.689 F F3(dataset)133
+213.6 Q F0(.)A(See)108 230.4 Q F4(zfs-fido2-change-key)2.5 E F0
+(\(8\) for a detailed description.)A F1(ENVIR)72 247.2 Q 1.666(ONMENT V)
+-.3 F(ARIABLES)-1.35 E F4(TZPFMS_PASSPHRASE_HELPER)108 259.2 Q F0 .045
+(By def)133 271.2 R .045(ault, passphrases are prompted for and read in\
+ on the standard output and input streams.)-.1 F(If)5.046 E F4
+(TZPFMS_PASSPHRASE_HELPER)133 283.2 Q F0 1.596(is set and nonempty)4.096
+F 4.096(,i)-.65 G 4.096(tw)-4.096 G 1.596(ill be run via)-4.096 F F4
+(/bin/)4.095 E F2 3.261(sh \255c)B F0(to)4.095 E(pro)133 295.2 Q
+(vide each passphrase, instead.)-.15 E .643
+(The standard output stream of the helper is tied to an anon)133 312 R
+.643(ymous \214le and used in its entirety as)-.15 F(the passphrase, e)
+133 324 Q(xcept for a trailing ne)-.15 E(w-line, if an)-.25 E 3.8 -.65
+(y. T)-.15 H(he ar).65 E(guments are:)-.18 E F4($1)143 336 Q F0
+(Pre-formatted noun phrase with all the information belo)160 336 Q 1.3
+-.65(w, f)-.25 H(or use as a prompt).65 E F4($2)143 348 Q F0
+(Either the dataset name or the element of the TPM hierarch)160 348 Q
+2.5(yb)-.05 G(eing prompted for)-2.5 E F4($3)143 360 Q F0("ne)160 360 Q
+(w" if this is for a ne)-.25 E 2.5(wp)-.25 G(assphrase, otherwise blank)
+-2.5 E F4($4)143 372 Q F0("ag)160 372 Q(ain" if it')-.05 E 2.5(st)-.55 G
+(he second prompt for that passphrase, otherwise blank)-2.5 E .178
+(If the helper doesn')133 388.8 R 2.678(te)-.18 G .178
+(xist \(the shell e)-2.828 F .177(xits with)-.15 F F1(127)2.677 E F0
+.177(\), a diagnostic is issued and the normal prompt)B(is used as f)133
+400.8 Q 2.5(all-back. If)-.1 F(it f)2.5 E(ails for an)-.1 E 2.5(yo)-.15
+G(ther reason, the prompting is aborted.)-2.5 E F1 1.666
+(FIDO2 back-end con\214guration)72 417.6 R(En)87 429.6 Q(vir)-.4 E .625
+(onment v)-.18 F(ariables)-.1 E F4(FIDO_DEBUG)108 441.6 Q F0
+(If set, enables lib\214do2 deb)173 441.6 Q
+(ug logging to the standard error stream.)-.2 E F1(De)87 458.4 Q .625
+(vice selection)-.15 F F0 .726(When creating, the \214rst de)108 470.4 R
+.726(vice which supports the)-.25 F F4(hmac-secret)3.227 E F0 -.15(ex)
+3.227 G .727(tension is used.).15 F .727(When loading,)5.727 F
+(the assertion is shopped around to e)108 482.4 Q -.15(ve)-.25 G
+(ry such de).15 E(vice.)-.25 E F1 .625(See also)87 499.2 R F0
+(The lib\214do2 documentation at https://de)108 511.2 Q -.15(ve)-.25 G
+(lopers.yubico.com/lib\214do2/.).15 E F1 1.666(SPECIAL THANKS)72 528 R
+F0 1.6 -.8(To a)108 540 T(ll who support further de).8 E -.15(ve)-.25 G
+(lopment, in particular:).15 E F1<83>128 552 Q F0(ThePhD)7.5 E F1<83>128
+564 Q F0(Embark Studios)7.5 E F1<83>128 576 Q F0(Jasper Bekk)7.5 E(ers)
+-.1 E F1<83>128 588 Q F0(EvModder)7.5 E F1(REPOR)72 604.8 Q 1.666
+(TING B)-.4 F(UGS)-.1 E F0(https://todo.sr)108 616.8 Q
+(.ht/\001nabijaczle)-.55 E(weli/fzifdso)-.25 E F4
+(\001nabijaczleweli/tzpfms@lists.sr.ht)108 633.6 Q F0 83.763(,a)C(rchi)
+-83.763 E -.15(ve)-.25 G 83.762(da).15 G(t)-83.762 E(https://lists.sr)
+108 645.6 Q(.ht/\001nabijaczle)-.55 E(weli/tzpfms.)-.25 E(fzifdso 0)72
+817.889 Q(February 28, 2024)153.568 E(1)183.837 E 0 Cg EP
+%%Page: 1 5
+%%BeginPageSetup
+BP
+%%EndPageSetup
+/F0 10/Times-Roman@0 SF(ZFS-FIDO2-LO)72 48 Q 55.603(AD-KEY\(8\) System)
+-.35 F(Manager')2.5 E 2.5(sM)-.55 G 53.102(anual ZFS-FIDO2-LO)-2.5 F
+(AD-KEY\(8\))-.35 E/F1 10/Times-Bold@0 SF -.2(NA)72 84 S(ME).2 E/F2 10
+/Courier-Bold@0 SF(zfs-fido2-load-key)108 96 Q F0 2.5<8a6c>2.5 G
+(oad FIDO2-encrypted ZFS dataset k)-2.5 E -.15(ey)-.1 G F1(SYNOPSIS)72
+112.8 Q F2(zfs-fido2-add-backup)108 124.8 Q F0([)2.5 E F2<ad6e>1.666 E
+F0(])A/F3 10/Courier-Oblique@0 SF(dataset)2.5 E F1(DESCRIPTION)72 141.6
+Q F0 1.141(After v)108 153.6 R(erifying)-.15 E F3(dataset)3.641 E F0 -.1
+(wa)3.641 G 3.641(se).1 G 1.141(ncrypted with)-3.641 F F2(tzpfms)3.641 E
+F0(back)3.641 E(end)-.1 E F1(FIDO2)3.641 E F0 3.641(,a)C 1.142
+(sserts the preserv)-3.641 F 1.142(ed chal-)-.15 F(lenge, HMA)108 165.6
+Q(Cking the salt with the on-de)-.4 E
+(vice secret, and loads the resulting k)-.25 E .3 -.15(ey i)-.1 H(nto)
+.15 E F3(dataset)2.5 E F0(.)A(See)108 182.4 Q/F4 10/Courier@0 SF
+(zfs-fido2-change-key)2.5 E F0(\(8\) for a detailed description.)A F1
+(OPTIONS)72 199.2 Q F2<ad6e>109.666 211.2 Q F0 3.208
+(Do a no-op/dry run, can be used e)131 211.2 R -.15(ve)-.25 G 5.708(ni)
+.15 G 5.708(ft)-5.708 G 3.208(he k)-5.708 F 3.508 -.15(ey i)-.1 H 5.708
+(sa).15 G 3.208(lready loaded.)-5.708 F(Equi)8.207 E -.25(va)-.25 G
+3.207(lent to).25 F F2(zfs)5.707 E(load-key)131 223.2 Q F0 -.55('s)C F2
+<ad6e>4.716 E F0(option.)2.5 E F1(ENVIR)72 240 Q 1.666(ONMENT V)-.3 F
+(ARIABLES)-1.35 E F4(TZPFMS_PASSPHRASE_HELPER)108 252 Q F0 .045(By def)
+133 264 R .045(ault, passphrases are prompted for and read in on the st\
+andard output and input streams.)-.1 F(If)5.046 E F4
+(TZPFMS_PASSPHRASE_HELPER)133 276 Q F0 1.596(is set and nonempty)4.096 F
+4.096(,i)-.65 G 4.096(tw)-4.096 G 1.596(ill be run via)-4.096 F F4
+(/bin/)4.095 E F2 3.261(sh \255c)B F0(to)4.095 E(pro)133 288 Q
+(vide each passphrase, instead.)-.15 E .643
+(The standard output stream of the helper is tied to an anon)133 304.8 R
+.643(ymous \214le and used in its entirety as)-.15 F(the passphrase, e)
+133 316.8 Q(xcept for a trailing ne)-.15 E(w-line, if an)-.25 E 3.8 -.65
+(y. T)-.15 H(he ar).65 E(guments are:)-.18 E F4($1)143 328.8 Q F0
+(Pre-formatted noun phrase with all the information belo)160 328.8 Q 1.3
+-.65(w, f)-.25 H(or use as a prompt).65 E F4($2)143 340.8 Q F0
+(Either the dataset name or the element of the TPM hierarch)160 340.8 Q
+2.5(yb)-.05 G(eing prompted for)-2.5 E F4($3)143 352.8 Q F0("ne)160
+352.8 Q(w" if this is for a ne)-.25 E 2.5(wp)-.25 G
+(assphrase, otherwise blank)-2.5 E F4($4)143 364.8 Q F0("ag)160 364.8 Q
+(ain" if it')-.05 E 2.5(st)-.55 G
+(he second prompt for that passphrase, otherwise blank)-2.5 E .178
+(If the helper doesn')133 381.6 R 2.678(te)-.18 G .178
+(xist \(the shell e)-2.828 F .177(xits with)-.15 F F1(127)2.677 E F0
+.177(\), a diagnostic is issued and the normal prompt)B(is used as f)133
+393.6 Q 2.5(all-back. If)-.1 F(it f)2.5 E(ails for an)-.1 E 2.5(yo)-.15
+G(ther reason, the prompting is aborted.)-2.5 E F1 1.666(SPECIAL THANKS)
+72 410.4 R F0 1.6 -.8(To a)108 422.4 T(ll who support further de).8 E
+-.15(ve)-.25 G(lopment, in particular:).15 E F1<83>128 434.4 Q F0
+(ThePhD)7.5 E F1<83>128 446.4 Q F0(Embark Studios)7.5 E F1<83>128 458.4
+Q F0(Jasper Bekk)7.5 E(ers)-.1 E F1<83>128 470.4 Q F0(EvModder)7.5 E F1
+(REPOR)72 487.2 Q 1.666(TING B)-.4 F(UGS)-.1 E F0(https://todo.sr)108
+499.2 Q(.ht/\001nabijaczle)-.55 E(weli/fzifdso)-.25 E F4
+(\001nabijaczleweli/tzpfms@lists.sr.ht)108 516 Q F0 83.762(,a)C(rchi)
+-83.762 E -.15(ve)-.25 G 83.763(da).15 G(t)-83.763 E(https://lists.sr)
+108 528 Q(.ht/\001nabijaczle)-.55 E(weli/tzpfms.)-.25 E(fzifdso 0)72
+817.889 Q(February 28, 2024)153.568 E(1)183.837 E 0 Cg EP
+%%Page: 1 6
+%%BeginPageSetup
+BP
+%%EndPageSetup
 /F0 10/Times-Roman@0 SF 93.563(ZFS-TPM-LIST\(8\) System)72 48 R
 (Manager')2.5 E 2.5(sM)-.55 G 91.062(anual ZFS-TPM-LIST\(8\))-2.5 F/F1
 10/Times-Bold@0 SF -.2(NA)72 84 S(ME).2 E/F2 10/Courier-Bold@0 SF
 (zfs-tpm-list)108 96 Q F0 2.5<8a70>2.5 G(rint dataset tzpfms metadata)
--2.5 E F1(SYNOPSIS)72 112.8 Q F2(zfs-tpm-list)108 124.8 Q F0([)2.5 E F2
-<ad48>1.666 E F0 2.5(][)C F2<ad72>-.834 E F0(|)A F2<ad64>1.666 E/F3 10
-/Courier-Oblique@0 SF(depth)6 E F0 2.5(][)C F2<ad61>-.834 E F0(|)A F2
-<ad62>1.666 E F3(back-end)6 E F0 2.5(][)C F2<ad75>-.834 E F0(|)A F2
-<ad6c>1.666 E F0(])A([)186 136.8 Q F3(filesystem)A F0(|)A F3(volume)A F0
+-2.5 E F1(SYNOPSIS)72 112.8 Q F2(zfs-fido2-add-backup)108 124.8 Q F0([)
+2.5 E F2<ad48>1.666 E F0 2.5(][)C F2<ad72>-.834 E F0(|)A F2<ad64>1.666 E
+/F3 10/Courier-Oblique@0 SF(depth)6 E F0 2.5(][)C F2<ad61>-.834 E F0(|)A
+F2<ad62>1.666 E F3(back-end)6 E F0 2.5(][)C F2<ad75>-.834 E F0(|)A F2
+<ad6c>1.666 E F0(])A([)234 136.8 Q F3(filesystem)A F0(|)A F3(volume)A F0
 1.666(]...)C F1(DESCRIPTION)72 153.6 Q F0(Lists the follo)108 165.6 Q
 (wing properties on encryption roots:)-.25 E/F4 10/Courier@0 SF(name)128
 177.6 Q(back-end)128 189.6 Q F0(the)187 189.6 Q F2(tzpfms)2.979 E F0
@@ -326,26 +683,28 @@ listed \212 by def)108 307.2 R .966(ault, those managed by)-.1 F F2
 G(re una)-2.5 E -.25(va)-.2 G(ilable.).25 E F2<ad6c>109.666 446.4 Q F0
 (List only encryption roots whose k)185 446.4 Q -.15(ey)-.1 G 2.5(sa).15
 G(re a)-2.5 E -.25(va)-.2 G(ilable.).25 E F1(EXAMPLES)72 463.2 Q F4($)
-108 475.2 Q F2(zfs-tpm-list)6 E F4 72(NAME BACK-END)108 487.2 R 18
-(KEYSTATUS COHERENT)12 F 36(tarta-zoot TPM1.X)108 499.2 R 18
+108 475.2 Q F2(zfs-fido2-add-backup)6 E F4 72(NAME BACK-END)108 487.2 R
+18(KEYSTATUS COHERENT)12 F 36(tarta-zoot TPM1.X)108 499.2 R 18
 (available yes)24 F 6(tarta-zoot/home TPM2)108 511.2 R 6
-(unavailable yes)36 F($)108 535.2 Q F2 1.666(zfs-tpm-list \255ad0)6 F F4
-24(NAME BACK-END)108 547.2 R 6(KEYSTATUS COHERENT)12 F 6(filling -)108
-559.2 R 6(available yes)54 F($)108 583.2 Q F2 1.666(zfs-tpm-list \255b)6
-F F1(TPM2)6 E F4 72(NAME BACK-END)108 595.2 R 18(KEYSTATUS COHERENT)12 F
-6(tarta-zoot/home TPM2)108 607.2 R 6(unavailable yes)36 F($)108 631.2 Q
-F2 1.666(zfs-tpm-list \255ra)6 F F3(tarta-zoot)6 E F4 72(NAME BACK-END)
-108 643.2 R 18(KEYSTATUS COHERENT)12 F 36(tarta-zoot TPM1.X)108 655.2 R
-18(available yes)24 F 6(tarta-zoot/home TPM2)108 667.2 R 6
-(unavailable yes)36 F 12(tarta-zoot/bkp -)108 679.2 R 18(available yes)
-54 F 18(tarta-zoot/vm -)108 691.2 R 18(available yes)54 F($)108 715.2 Q
-F2 1.666(zfs-tpm-list \255al)6 F F4 72(NAME BACK-END)108 727.2 R 6
+(unavailable yes)36 F($)108 535.2 Q F2 1.666
+(zfs-fido2-add-backup \255ad0)6 F F4 24(NAME BACK-END)108 547.2 R 6
+(KEYSTATUS COHERENT)12 F 6(filling -)108 559.2 R 6(available yes)54 F($)
+108 583.2 Q F2 1.666(zfs-fido2-add-backup \255b)6 F F1(TPM2)6 E F4 72
+(NAME BACK-END)108 595.2 R 18(KEYSTATUS COHERENT)12 F 6
+(tarta-zoot/home TPM2)108 607.2 R 6(unavailable yes)36 F($)108 631.2 Q
+F2 1.666(zfs-fido2-add-backup \255ra)6 F F3(tarta-zoot)6 E F4 72
+(NAME BACK-END)108 643.2 R 18(KEYSTATUS COHERENT)12 F 36
+(tarta-zoot TPM1.X)108 655.2 R 18(available yes)24 F 6
+(tarta-zoot/home TPM2)108 667.2 R 6(unavailable yes)36 F 12
+(tarta-zoot/bkp -)108 679.2 R 18(available yes)54 F 18(tarta-zoot/vm -)
+108 691.2 R 18(available yes)54 F($)108 715.2 Q F2 1.666
+(zfs-fido2-add-backup \255al)6 F F4 72(NAME BACK-END)108 727.2 R 6
 (KEYSTATUS COHERENT)12 F 54(filling -)108 739.2 R 6(available yes)54 F
 36(tarta-zoot TPM1.X)108 751.2 R 6(available yes)24 F 12
 (tarta-zoot/bkp -)108 763.2 R 6(available yes)54 F 18(tarta-zoot/vm -)
 108 775.2 R 6(available yes)54 F F0(tzpfms 0.3.4-14-gf5996ad)72 817.889
 Q(December 4, 2022)84.693 E(1)183.842 E 0 Cg EP
-%%Page: 2 2
+%%Page: 2 7
 %%BeginPageSetup
 BP
 %%EndPageSetup
@@ -362,7 +721,7 @@ F0 83.762(,a)C(rchi)-83.762 E -.15(ve)-.25 G 83.763(da).15 G(t)-83.763 E
 (https://lists.sr)108 201.6 Q(.ht/\001nabijaczle)-.55 E(weli/tzpfms.)
 -.25 E(tzpfms 0.3.4-14-gf5996ad)72 817.889 Q(December 4, 2022)84.693 E
 (2)183.842 E 0 Cg EP
-%%Page: 1 3
+%%Page: 1 8
 %%BeginPageSetup
 BP
 %%EndPageSetup
@@ -371,192 +730,193 @@ BP
 -2.5 F/F1 10/Times-Bold@0 SF -.2(NA)72 84 S(ME).2 E/F2 10/Courier-Bold@0
 SF(zfs-tpm1x-change-key)108 96 Q F0 2.5<8a63>2.5 G(hange ZFS dataset k)
 -2.5 E .3 -.15(ey t)-.1 H 2.5(oo).15 G(ne stored on the TPM)-2.5 E F1
-(SYNOPSIS)72 112.8 Q F2(zfs-tpm-list)108 124.8 Q F0([)2.5 E F2<ad62>
-1.666 E/F3 10/Courier-Oblique@0 SF(backup-file)6 E F0 2.5(][)C F2<ad50>
--.834 E F3(PCR)6 E F0([)A F2(,)A F3(PCR)A F0 1.666(]...)C(])-1.666 E F3
-(dataset)2.5 E F1(DESCRIPTION)72 141.6 Q F0 6.867 -.8(To n)108 153.6 T
-5.267(ormalise the).8 F F3(dataset)7.767 E F0(,)A F2(zfs-tpm-list)7.766
-E F0 5.266(will open its encryption root in its stead.)7.766 F F2
-(zfs-tpm-list)108 165.6 Q F0(will)2.5 E/F4 10/Times-Italic@0 SF(ne)2.5 E
-(ver)-.15 E F0(create or destro)2.5 E 2.5(ye)-.1 G(ncryption roots; use)
--2.5 E/F5 10/Courier@0 SF(zfs-change-key)2.5 E F0(\(8\) for that.)A
-(First, a connection is made to the TPM, which)108 182.4 Q F4(must)2.5 E
-F0(be TPM-1.X-compatible.)2.5 E(If)108 199.2 Q F3(dataset)3.176 E F0 -.1
+(SYNOPSIS)72 112.8 Q F2(zfs-fido2-add-backup)108 124.8 Q F0([)2.5 E F2
+<ad62>1.666 E/F3 10/Courier-Oblique@0 SF(backup-file)6 E F0 2.5(][)C F2
+<ad50>-.834 E F3(PCR)6 E F0([)A F2(,)A F3(PCR)A F0 1.666(]...)C(])-1.666
+E F3(dataset)2.5 E F1(DESCRIPTION)72 141.6 Q F0 2.867 -.8(To n)108 153.6
+T 1.267(ormalise the).8 F F3(dataset)3.767 E F0(,)A F2
+(zfs-fido2-add-backup)3.766 E F0 1.266
+(will open its encryption root in its stead.)3.766 F F2
+(zfs-fido2-add-backup)108 165.6 Q F0(will)14.654 E/F4 10/Times-Italic@0
+SF(ne)14.654 E(ver)-.15 E F0 12.154(create or destro)14.654 F 14.655(ye)
+-.1 G 12.155(ncryption roots; use)-14.655 F/F5 10/Courier@0 SF
+(zfs-change-key)108 177.6 Q F0(\(8\) for that.)A
+(First, a connection is made to the TPM, which)108 194.4 Q F4(must)2.5 E
+F0(be TPM-1.X-compatible.)2.5 E(If)108 211.2 Q F3(dataset)3.177 E F0 -.1
 (wa)3.176 G 3.176(sp).1 G(re)-3.176 E .676(viously encrypted with)-.25 F
 F2(tzpfms)3.176 E F0 .676(and the)3.176 F F1(TPM1.X)3.176 E F0 .676
 (back-end w)3.176 F .676(as used, the meta-)-.1 F .926
-(data will be silently cleared.)108 211.2 R .926
+(data will be silently cleared.)108 223.2 R .926
 (Otherwise, or in case of an error)5.926 F 3.426(,d)-.4 G .926
 (ata required for manual interv)-3.426 F(ention)-.15 E
-(will be written to the standard error stream.)108 223.2 Q(Ne)108 240 Q
-.294(xt, a ne)-.15 F 2.794(ww)-.25 G .294(rapping k)-2.794 F .594 -.15
+(will be written to the standard error stream.)108 235.2 Q(Ne)108 252 Q
+.295(xt, a ne)-.15 F 2.794(ww)-.25 G .294(rapping k)-2.794 F .594 -.15
 (ey i)-.1 H 2.794(sg).15 G .294(enerated on the TPM, optionally back)
 -2.794 F .294(ed up \(see)-.1 F F1(OPTIONS)2.794 E F0 .294
-(\), and sealed)B .586(on the TPM; the user is prompted for an optional\
- passphrase to protect the k)108 252 R .885 -.15(ey w)-.1 H .585
-(ith, and for the SRK).15 F(passphrase, set when taking o)108 264 Q
+(\), and sealed)B .585(on the TPM; the user is prompted for an optional\
+ passphrase to protect the k)108 264 R .886 -.15(ey w)-.1 H .586
+(ith, and for the SRK).15 F(passphrase, set when taking o)108 276 Q
 (wnership, if not "well-kno)-.25 E(wn" \(all zeroes\).)-.25 E(The follo)
-108 280.8 Q(wing properties are set on)-.25 E F3(dataset)2.5 E F0(:)A F1
-<83>128 292.8 Q F5(xyz.nabijaczleweli:tzpfms.backend)7.5 E F0(=)A F1
-(TPM1.X)A<83>128 304.8 Q F5(xyz.nabijaczleweli:tzpfms.key)7.5 E F0(=)A
+108 292.8 Q(wing properties are set on)-.25 E F3(dataset)2.5 E F0(:)A F1
+<83>128 304.8 Q F5(xyz.nabijaczleweli:tzpfms.backend)7.5 E F0(=)A F1
+(TPM1.X)A<83>128 316.8 Q F5(xyz.nabijaczleweli:tzpfms.key)7.5 E F0(=)A
 F3(parent-key-blob)A F2(:)A F3(sealed-object-blob)A F5(tzpfms.backend)
-108 321.6 Q F0 .291(identi\214es this dataset for w)2.791 F .292
-(ork with)-.1 F F1(TPM1.X)2.792 E F0(-back-ended)A F2(tzpfms)2.792 E F0
-.292(tools \(namely)2.792 F F5(zfs-tpm1x-change-key)108 333.6 Q F0
+108 333.6 Q F0 .292(identi\214es this dataset for w)2.792 F .291
+(ork with)-.1 F F1(TPM1.X)2.791 E F0(-back-ended)A F2(tzpfms)2.791 E F0
+.291(tools \(namely)2.791 F F5(zfs-tpm1x-change-key)108 345.6 Q F0
 (\(8\),)A F5(zfs-tpm1x-load-key)2.5 E F0(\(8\), and)A F5
-(zfs-tpm1x-clear-key)2.5 E F0(\(8\)\).)A F5(tzpfms.key)108 350.4 Q F0
-1.412(is a colon-separated pair of he)3.913 F 1.412
-(xadecimal-string \(i.e. "4F7730" for "Ow0"\) blobs; the)-.15 F .867
-(\214rst one represents the RSA k)108 362.4 R 1.167 -.15(ey p)-.1 H .868
+(zfs-tpm1x-clear-key)2.5 E F0(\(8\)\).)A F5(tzpfms.key)108 362.4 Q F0
+1.412(is a colon-separated pair of he)3.912 F 1.412
+(xadecimal-string \(i.e. "4F7730" for "Ow0"\) blobs; the)-.15 F .868
+(\214rst one represents the RSA k)108 374.4 R 1.168 -.15(ey p)-.1 H .867
 (rotecting the blob, and it is protected with either the passphrase, if)
-.15 F(pro)108 374.4 Q 1.414(vided, or the SHA1 constant)-.15 F F5
-(CE4CF677875B5EB8993591D5A9AF1ED24A3A8736)3.913 E F0 3.913(;t)C 1.413
-(he sec-)-3.913 F .379
-(ond represents the sealed object containing the wrapping k)108 386.4 R
+.15 F(pro)108 386.4 Q 1.413(vided, or the SHA1 constant)-.15 F F5
+(CE4CF677875B5EB8993591D5A9AF1ED24A3A8736)3.914 E F0 3.914(;t)C 1.414
+(he sec-)-3.914 F .379
+(ond represents the sealed object containing the wrapping k)108 398.4 R
 -.15(ey)-.1 G 2.879(,a)-.5 G .379
 (nd is protected with the SHA1 constant)-2.879 F F5
-(B9EE715DBE4B243FAA81EA04306E063710383E35)108 398.4 Q F0 6.721(.T)C
-1.721(here e)-6.721 F 1.721(xists no other user)-.15 F 1.72
-(-land tool for)-.2 F(decrypting this; perhaps there should be.)108
-410.4 Q(Finally)108 427.2 Q 12.005(,t)-.65 G 9.505(he equi)-12.005 F
--.25(va)-.25 G 9.505(lent of).25 F F2 9.505(zfs change-key)12.005 F
-<ad6f>17.172 E F5(keylocation=prompt)15.506 E F2<ad6f>17.172 E F5
-(keyformat=raw)108 439.2 Q F3(dataset)6.107 E F0 .107
-(is performed with the ne)2.607 F 2.606(wk)-.25 G -.15(ey)-2.706 G 5.106
-(.I)-.5 G 2.606(fa)-5.106 G 2.606(ne)-2.606 G .106
-(rror occurred, best ef)-2.606 F .106(fort is made)-.25 F
+(B9EE715DBE4B243FAA81EA04306E063710383E35)108 410.4 Q F0 6.72(.T)C 1.72
+(here e)-6.72 F 1.721(xists no other user)-.15 F 1.721(-land tool for)
+-.2 F(decrypting this; perhaps there should be.)108 422.4 Q(Finally)108
+439.2 Q 12.006(,t)-.65 G 9.506(he equi)-12.006 F -.25(va)-.25 G 9.506
+(lent of).25 F F2 9.505(zfs change-key)12.005 F<ad6f>17.171 E F5
+(keylocation=prompt)15.505 E F2<ad6f>17.171 E F5(keyformat=raw)108 451.2
+Q F3(dataset)6.106 E F0 .106(is performed with the ne)2.606 F 2.606(wk)
+-.25 G -.15(ey)-2.706 G 5.106(.I)-.5 G 2.606(fa)-5.106 G 2.606(ne)-2.606
+G .107(rror occurred, best ef)-2.606 F .107(fort is made)-.25 F
 (to clean up the properties, or to issue a note for manual interv)108
-451.2 Q(ention into the standard error stream.)-.15 E 4.055<418c>108 468
-S 1.555(nal v)-4.055 F 1.556(eri\214cation should be made by running)
--.15 F F2 3.222(zfs-tpm1x-load-key \255n)4.056 F F3(dataset)7.556 E F0
-6.556(.I)C 4.056(ft)-6.556 G(hat)-4.056 E .729
-(command succeeds, all is well, b)108 480 R .729
+463.2 Q(ention into the standard error stream.)-.15 E 4.056<418c>108 480
+S 1.556(nal v)-4.056 F 1.556(eri\214cation should be made by running)
+-.15 F F2 3.222(zfs-tpm1x-load-key \255n)4.056 F F3(dataset)7.555 E F0
+6.555(.I)C 4.055(ft)-6.555 G(hat)-4.055 E .729
+(command succeeds, all is well, b)108 492 R .729
 (ut otherwise the dataset can be manually rolled back to a passphrase)
--.2 F(with)108 492 Q F2(zfs-tpm1x-clear-key)5.146 E F3(dataset)8.646 E
-F0(\(or)5.146 E 5.146(,i)-.4 G 5.146(ft)-5.146 G 2.646(hat f)-5.146 F
-2.646(ails to w)-.1 F(ork,)-.1 E F2 2.647(zfs change-key)5.147 F<ad6f>
-10.313 E F5(keyformat=passphrase)108 504 Q F3(dataset)6 E F0
+-.2 F(with)108 504 Q F2(zfs-tpm1x-clear-key)5.147 E F3(dataset)8.647 E
+F0(\(or)5.147 E 5.146(,i)-.4 G 5.146(ft)-5.146 G 2.646(hat f)-5.146 F
+2.646(ails to w)-.1 F(ork,)-.1 E F2 2.646(zfs change-key)5.146 F<ad6f>
+10.312 E F5(keyformat=passphrase)108 516 Q F3(dataset)6 E F0
 (\), and you are hereby ask)A(ed to report a b)-.1 E(ug, please.)-.2 E
-F2(zfs-tpm1x-clear-key)108 520.8 Q F3(dataset)7.607 E F0 1.607
-(can be used to clear the properties and go back to using a)4.107 F
-(passphrase.)108 532.8 Q F1(OPTIONS)72 549.6 Q F2<ad62>109.666 561.6 Q
-F3(backup-file)6 E F0(Sa)203 561.6 Q .352 -.15(ve a b)-.2 H .052
+F2(zfs-tpm1x-clear-key)108 532.8 Q F3(dataset)7.606 E F0 1.607
+(can be used to clear the properties and go back to using a)4.106 F
+(passphrase.)108 544.8 Q F1(OPTIONS)72 561.6 Q F2<ad62>109.666 573.6 Q
+F3(backup-file)6 E F0(Sa)203 573.6 Q .353 -.15(ve a b)-.2 H .052
 (ack-up of the k).15 F .352 -.15(ey t)-.1 H(o).15 E F3(backup-file)2.552
-E F0 2.552(,w)C .052(hich must not e)-2.552 F .053(xist beforehand.)-.15
-F .694(This back-up)203 573.6 R F4(must)3.194 E F0 .694
-(be stored securely)3.194 F 3.194(,o)-.65 G -.25(ff)-3.194 G 3.194
-(-site. In).25 F .693(case of a catastrophic e)3.194 F -.15(ve)-.25 G
-(nt,).15 E(the k)203 585.6 Q .3 -.15(ey c)-.1 H(an be loaded by running)
-.15 E F2(zfs load-key)233 597.6 Q F3(dataset)6 E F5(<)6 E F3
-(backup-file)6 E F2<ad50>109.666 614.4 Q F3(PCR)6 E F0([)A F2(,)A F3
-(PCR)A F0 1.666(]...)C .638(Bind the k)203 614.4 R .939 -.15(ey t)-.1 H
+E F0 2.552(,w)C .052(hich must not e)-2.552 F .052(xist beforehand.)-.15
+F .693(This back-up)203 585.6 R F4(must)3.193 E F0 .694
+(be stored securely)3.193 F 3.194(,o)-.65 G -.25(ff)-3.194 G 3.194
+(-site. In).25 F .694(case of a catastrophic e)3.194 F -.15(ve)-.25 G
+(nt,).15 E(the k)203 597.6 Q .3 -.15(ey c)-.1 H(an be loaded by running)
+.15 E F2(zfs load-key)233 609.6 Q F3(dataset)6 E F5(<)6 E F3
+(backup-file)6 E F2<ad50>109.666 626.4 Q F3(PCR)6 E F0([)A F2(,)A F3
+(PCR)A F0 1.666(]...)C .639(Bind the k)203 626.4 R .939 -.15(ey t)-.1 H
 3.139(os).15 G .639(pace- or comma-separated)-3.139 F F3(PCR)3.139 E F0
-3.139(s\212i)C 3.139(ft)-3.139 G(he)-3.139 E 3.139(yc)-.15 G .639
-(hange, the wrap-)-3.139 F .463(ping k)203 626.4 R .763 -.15(ey w)-.1 H
-.463(ill not be able to be unsealed.).15 F .462
-(The minimum number of PCRs for a)5.462 F(PC TPM is)203 638.4 Q F1(24)
+3.139(s\212i)C 3.139(ft)-3.139 G(he)-3.139 E 3.139(yc)-.15 G .638
+(hange, the wrap-)-3.139 F .462(ping k)203 638.4 R .762 -.15(ey w)-.1 H
+.462(ill not be able to be unsealed.).15 F .463
+(The minimum number of PCRs for a)5.462 F(PC TPM is)203 650.4 Q F1(24)
 2.5 E F0(\(numbered [)2.5 E F1(0)A F0(,)A F1(23)2.5 E F0 2.5(]\). F)B
-(or most, this is also the maximum.)-.15 E F1(ENVIR)72 655.2 Q 1.666
-(ONMENT V)-.3 F(ARIABLES)-1.35 E F5(TZPFMS_PASSPHRASE_HELPER)108 667.2 Q
-F0 .045(By def)133 679.2 R .045(ault, passphrases are prompted for and \
-read in on the standard output and input streams.)-.1 F(If)5.046 E F5
-(TZPFMS_PASSPHRASE_HELPER)133 691.2 Q F0 1.596(is set and nonempty)4.096
+(or most, this is also the maximum.)-.15 E F1(ENVIR)72 667.2 Q 1.666
+(ONMENT V)-.3 F(ARIABLES)-1.35 E F5(TZPFMS_PASSPHRASE_HELPER)108 679.2 Q
+F0 .046(By def)133 691.2 R .045(ault, passphrases are prompted for and \
+read in on the standard output and input streams.)-.1 F(If)5.045 E F5
+(TZPFMS_PASSPHRASE_HELPER)133 703.2 Q F0 1.595(is set and nonempty)4.095
 F 4.096(,i)-.65 G 4.096(tw)-4.096 G 1.596(ill be run via)-4.096 F F5
-(/bin/)4.095 E F2 3.261(sh \255c)B F0(to)4.095 E(pro)133 703.2 Q
+(/bin/)4.096 E F2 3.262(sh \255c)B F0(to)4.096 E(pro)133 715.2 Q
 (vide each passphrase, instead.)-.15 E .643
-(The standard output stream of the helper is tied to an anon)133 720 R
+(The standard output stream of the helper is tied to an anon)133 732 R
 .643(ymous \214le and used in its entirety as)-.15 F(the passphrase, e)
-133 732 Q(xcept for a trailing ne)-.15 E(w-line, if an)-.25 E 3.8 -.65
-(y. T)-.15 H(he ar).65 E(guments are:)-.18 E F5($1)143 744 Q F0
-(Pre-formatted noun phrase with all the information belo)160 744 Q 1.3
--.65(w, f)-.25 H(or use as a prompt).65 E(tzpfms 0.3.4-14-gf5996ad)72
+133 744 Q(xcept for a trailing ne)-.15 E(w-line, if an)-.25 E 3.8 -.65
+(y. T)-.15 H(he ar).65 E(guments are:)-.18 E(tzpfms 0.3.4-14-gf5996ad)72
 817.889 Q(February 28, 2024)84.688 E(1)183.837 E 0 Cg EP
-%%Page: 2 4
+%%Page: 2 9
 %%BeginPageSetup
 BP
 %%EndPageSetup
 /F0 10/Times-Roman@0 SF 36.913(ZFS-TPM1X-CHANGE-KEY\(8\) System)72 48 R
 (Manager')2.5 E 2.5(sM)-.55 G 34.412(anual ZFS-TPM1X-CHANGE-KEY\(8\))
--2.5 F/F1 10/Courier@0 SF($2)143 84 Q F0
-(Either the dataset name or the element of the TPM hierarch)160 84 Q 2.5
-(yb)-.05 G(eing prompted for)-2.5 E F1($3)143 96 Q F0("ne)160 96 Q
+-2.5 F/F1 10/Courier@0 SF($1)143 84 Q F0
+(Pre-formatted noun phrase with all the information belo)160 84 Q 1.3
+-.65(w, f)-.25 H(or use as a prompt).65 E F1($2)143 96 Q F0
+(Either the dataset name or the element of the TPM hierarch)160 96 Q 2.5
+(yb)-.05 G(eing prompted for)-2.5 E F1($3)143 108 Q F0("ne)160 108 Q
 (w" if this is for a ne)-.25 E 2.5(wp)-.25 G(assphrase, otherwise blank)
--2.5 E F1($4)143 108 Q F0("ag)160 108 Q(ain" if it')-.05 E 2.5(st)-.55 G
-(he second prompt for that passphrase, otherwise blank)-2.5 E .178
-(If the helper doesn')133 124.8 R 2.678(te)-.18 G .178
-(xist \(the shell e)-2.828 F .177(xits with)-.15 F/F2 10/Times-Bold@0 SF
-(127)2.677 E F0 .177(\), a diagnostic is issued and the normal prompt)B
-(is used as f)133 136.8 Q 2.5(all-back. If)-.1 F(it f)2.5 E(ails for an)
+-2.5 E F1($4)143 120 Q F0("ag)160 120 Q(ain" if it')-.05 E 2.5(st)-.55 G
+(he second prompt for that passphrase, otherwise blank)-2.5 E .177
+(If the helper doesn')133 136.8 R 2.677(te)-.18 G .177
+(xist \(the shell e)-2.827 F .177(xits with)-.15 F/F2 10/Times-Bold@0 SF
+(127)2.677 E F0 .178(\), a diagnostic is issued and the normal prompt)B
+(is used as f)133 148.8 Q 2.5(all-back. If)-.1 F(it f)2.5 E(ails for an)
 -.1 E 2.5(yo)-.15 G(ther reason, the prompting is aborted.)-2.5 E F2
-1.666(TPM1.X back-end con\214guration)72 153.6 R .625(TPM selection)87
-165.6 R F0(The)108 177.6 Q/F3 10/Courier-Bold@0 SF(tzpfms)2.729 E F0
-.229(suite connects to a local)2.729 F F1(tcsd)2.73 E F0 .23
-(\(8\) process \(at)B F1(localhost:30003)2.73 E F0 2.73(\)b)C 2.73(yd)
--2.73 G(ef)-2.73 E 2.73(ault. Use)-.1 F(the)2.73 E(en)108 189.6 Q
-(vironment v)-.4 E(ariable)-.25 E F1(TZPFMS_TPM1X)2.5 E F0
-(to specify a remote TCS hostname.)2.5 E .111(The T)108 206.4 R(rouSerS)
--.35 E F1(tcsd)2.611 E F0 .111(\(8\) daemon will try)B F1(/dev/tpm0)2.61
-E F0 2.61(,t)C(hen)-2.61 E F1(/udev/tpm0)2.61 E F0 2.61(,t)C(hen)-2.61 E
-F1(/dev/tpm)2.61 E F0 2.61(;b)C 2.61(yo)-2.61 G(ccu-)-2.61 E -.1(py)108
-218.4 S(ing one of the earlier ones with, for e).1 E
+1.666(TPM1.X back-end con\214guration)72 165.6 R .625(TPM selection)87
+177.6 R F0(The)108 189.6 Q/F3 10/Courier-Bold@0 SF(tzpfms)2.73 E F0 .23
+(suite connects to a local)2.73 F F1(tcsd)2.73 E F0 .23
+(\(8\) process \(at)B F1(localhost:30003)2.729 E F0 2.729(\)b)C 2.729
+(yd)-2.729 G(ef)-2.729 E 2.729(ault. Use)-.1 F(the)2.729 E(en)108 201.6
+Q(vironment v)-.4 E(ariable)-.25 E F1(TZPFMS_TPM1X)2.5 E F0
+(to specify a remote TCS hostname.)2.5 E .11(The T)108 218.4 R(rouSerS)
+-.35 E F1(tcsd)2.61 E F0 .11(\(8\) daemon will try)B F1(/dev/tpm0)2.61 E
+F0 2.61(,t)C(hen)-2.61 E F1(/udev/tpm0)2.611 E F0 2.611(,t)C(hen)-2.611
+E F1(/dev/tpm)2.611 E F0 2.611(;b)C 2.611(yo)-2.611 G(ccu-)-2.611 E -.1
+(py)108 230.4 S(ing one of the earlier ones with, for e).1 E
 (xample, shell redirection, a later one can be selected.)-.15 E F2 .625
-(See also)87 235.2 R F0(The T)108 247.2 Q
+(See also)87 247.2 R F0(The T)108 259.2 Q
 (rouSerS project page at https://sourcefor)-.35 E
 (ge.net/projects/trousers.)-.18 E 4.415
-(The TPM 1.2 main speci\214cation inde)108 264 R 6.915(xa)-.15 G 6.915
+(The TPM 1.2 main speci\214cation inde)108 276 R 6.915(xa)-.15 G 6.915
 (th)-6.915 G(ttps://trustedcomputinggroup.or)-6.915 E
-(g/resource/tpm-main-)-.18 E(speci\214cation.)108 276 Q F2 1.666
-(SPECIAL THANKS)72 292.8 R F0 1.6 -.8(To a)108 304.8 T
+(g/resource/tpm-main-)-.18 E(speci\214cation.)108 288 Q F2 1.666
+(SPECIAL THANKS)72 304.8 R F0 1.6 -.8(To a)108 316.8 T
 (ll who support further de).8 E -.15(ve)-.25 G(lopment, in particular:)
-.15 E F2<83>128 316.8 Q F0(ThePhD)7.5 E F2<83>128 328.8 Q F0
-(Embark Studios)7.5 E F2<83>128 340.8 Q F0(Jasper Bekk)7.5 E(ers)-.1 E
-F2<83>128 352.8 Q F0(EvModder)7.5 E F2(REPOR)72 369.6 Q 1.666(TING B)-.4
-F(UGS)-.1 E F0(https://todo.sr)108 381.6 Q(.ht/\001nabijaczle)-.55 E
-(weli/tzpfms)-.25 E F1(\001nabijaczleweli/tzpfms@lists.sr.ht)108 398.4 Q
-F0 83.763(,a)C(rchi)-83.763 E -.15(ve)-.25 G 83.762(da).15 G(t)-83.762 E
-(https://lists.sr)108 410.4 Q(.ht/\001nabijaczle)-.55 E(weli/tzpfms.)
--.25 E F2 1.666(SEE ALSO)72 427.2 R F0
-(PCR allocations: https://wiki.archlinux.or)108 439.2 Q(g/title/T)-.18 E
+.15 E F2<83>128 328.8 Q F0(ThePhD)7.5 E F2<83>128 340.8 Q F0
+(Embark Studios)7.5 E F2<83>128 352.8 Q F0(Jasper Bekk)7.5 E(ers)-.1 E
+F2<83>128 364.8 Q F0(EvModder)7.5 E F2(REPOR)72 381.6 Q 1.666(TING B)-.4
+F(UGS)-.1 E F0(https://todo.sr)108 393.6 Q(.ht/\001nabijaczle)-.55 E
+(weli/tzpfms)-.25 E F1(\001nabijaczleweli/tzpfms@lists.sr.ht)108 410.4 Q
+F0 83.762(,a)C(rchi)-83.762 E -.15(ve)-.25 G 83.763(da).15 G(t)-83.763 E
+(https://lists.sr)108 422.4 Q(.ht/\001nabijaczle)-.55 E(weli/tzpfms.)
+-.25 E F2 1.666(SEE ALSO)72 439.2 R F0
+(PCR allocations: https://wiki.archlinux.or)108 451.2 Q(g/title/T)-.18 E
 (rusted_Platform_Module#Accessing_PCR_re)-.35 E(gisters)-.15 E
-(and https://trustedcomputinggroup.or)108 451.2 Q
+(and https://trustedcomputinggroup.or)108 463.2 Q
 (g/wp-content/uploads/PC-)-.18 E(ClientSpeci\214c_Platform_Pro\214le_fo\
-r_TPM_2p0_Systems_v51.pdf, Section 2.3.4 "PCR Usage", T)108 463.2 Q
-(able)-.8 E(1.)108 475.2 Q(tzpfms 0.3.4-14-gf5996ad)72 817.889 Q
+r_TPM_2p0_Systems_v51.pdf, Section 2.3.4 "PCR Usage", T)108 475.2 Q
+(able)-.8 E(1.)108 487.2 Q(tzpfms 0.3.4-14-gf5996ad)72 817.889 Q
 (February 28, 2024)84.688 E(2)183.837 E 0 Cg EP
-%%Page: 1 5
+%%Page: 1 10
 %%BeginPageSetup
 BP
 %%EndPageSetup
 /F0 10/Times-Roman@0 SF 45.793(ZFS-TPM1X-CLEAR-KEY\(8\) System)72 48 R
 (Manager')2.5 E 2.5(sM)-.55 G 43.292(anual ZFS-TPM1X-CLEAR-KEY\(8\))-2.5
 F/F1 10/Times-Bold@0 SF -.2(NA)72 84 S(ME).2 E/F2 10/Courier-Bold@0 SF
-(zfs-tpm1x-clear-key)108 96 Q F0 3.008<8a72>3.007 G -.25(ew)-3.008 G
+(zfs-tpm1x-clear-key)108 96 Q F0 3.008<8a72>3.008 G -.25(ew)-3.008 G
 .508(rap ZFS dataset k).25 F .808 -.15(ey i)-.1 H 3.008(np).15 G(asssw)
 -3.008 E .508(ord and clear tzpfms TPM1.X meta-)-.1 F(data)108 108 Q F1
-(SYNOPSIS)72 124.8 Q F2(zfs-tpm-list)108 136.8 Q/F3 10/Courier-Oblique@0
-SF(dataset)2.5 E F1(DESCRIPTION)72 153.6 Q F0(After v)108 165.6 Q
-(erifying)-.15 E F3(dataset)2.5 E F0 -.1(wa)2.5 G 2.5(se).1 G
-(ncrypted with)-2.5 E F2(tzpfms)2.5 E F0(back)2.5 E(end)-.1 E F1(TPM1.X)
-2.5 E F0(:)A 5(1. performs)118 177.6 R 5.642(the equi)8.142 F -.25(va)
--.25 G 5.642(lent of).25 F F2 5.642(zfs change-key)8.142 F<ad6f>13.307 E
-/F4 10/Courier@0 SF(keylocation=prompt)11.641 E F2<ad6f>13.307 E F4
-(keyformat=passphrase)133 189.6 Q F3(dataset)6 E F0(,)A 5(2. remo)118
+(SYNOPSIS)72 124.8 Q F2(zfs-fido2-add-backup)108 136.8 Q/F3 10
+/Courier-Oblique@0 SF(dataset)2.5 E F1(DESCRIPTION)72 153.6 Q F0
+(After v)108 165.6 Q(erifying)-.15 E F3(dataset)2.5 E F0 -.1(wa)2.5 G
+2.5(se).1 G(ncrypted with)-2.5 E F2(tzpfms)2.5 E F0(back)2.5 E(end)-.1 E
+F1(TPM1.X)2.5 E F0(:)A 5(1. performs)118 177.6 R 5.641(the equi)8.141 F
+-.25(va)-.25 G 5.641(lent of).25 F F2 5.642(zfs change-key)8.142 F<ad6f>
+13.308 E/F4 10/Courier@0 SF(keylocation=prompt)11.642 E F2<ad6f>13.308 E
+F4(keyformat=passphrase)133 189.6 Q F3(dataset)6 E F0(,)A 5(2. remo)118
 201.6 R -.15(ve)-.15 G 10.689(st).15 G(he)-10.689 E F4
 (xyz.nabijaczleweli:tzpfms.)10.689 E F0({)A F4(backend)A F0(,)A F4(key)
 14.189 E F0 10.689(}p)C 8.189(roperties from)-10.689 F F3(dataset)133
 213.6 Q F0(.)A(See)108 230.4 Q F4(zfs-tpm1x-change-key)2.5 E F0
 (\(8\) for a detailed description.)A F1 1.666
 (TPM1.X back-end con\214guration)72 247.2 R .625(TPM selection)87 259.2
-R F0(The)108 271.2 Q F2(tzpfms)2.73 E F0 .23(suite connects to a local)
-2.73 F F4(tcsd)2.73 E F0 .23(\(8\) process \(at)B F4(localhost:30003)
-2.729 E F0 2.729(\)b)C 2.729(yd)-2.729 G(ef)-2.729 E 2.729(ault. Use)-.1
-F(the)2.729 E(en)108 283.2 Q(vironment v)-.4 E(ariable)-.25 E F4
-(TZPFMS_TPM1X)2.5 E F0(to specify a remote TCS hostname.)2.5 E .11
-(The T)108 300 R(rouSerS)-.35 E F4(tcsd)2.61 E F0 .11
-(\(8\) daemon will try)B F4(/dev/tpm0)2.61 E F0 2.61(,t)C(hen)-2.61 E F4
-(/udev/tpm0)2.611 E F0 2.611(,t)C(hen)-2.611 E F4(/dev/tpm)2.611 E F0
-2.611(;b)C 2.611(yo)-2.611 G(ccu-)-2.611 E -.1(py)108 312 S
-(ing one of the earlier ones with, for e).1 E
+R F0(The)108 271.2 Q F2(tzpfms)2.729 E F0 .229
+(suite connects to a local)2.729 F F4(tcsd)2.73 E F0 .23
+(\(8\) process \(at)B F4(localhost:30003)2.73 E F0 2.73(\)b)C 2.73(yd)
+-2.73 G(ef)-2.73 E 2.73(ault. Use)-.1 F(the)2.73 E(en)108 283.2 Q
+(vironment v)-.4 E(ariable)-.25 E F4(TZPFMS_TPM1X)2.5 E F0
+(to specify a remote TCS hostname.)2.5 E .111(The T)108 300 R(rouSerS)
+-.35 E F4(tcsd)2.611 E F0 .111(\(8\) daemon will try)B F4(/dev/tpm0)2.61
+E F0 2.61(,t)C(hen)-2.61 E F4(/udev/tpm0)2.61 E F0 2.61(,t)C(hen)-2.61 E
+F4(/dev/tpm)2.61 E F0 2.61(;b)C 2.61(yo)-2.61 G(ccu-)-2.61 E -.1(py)108
+312 S(ing one of the earlier ones with, for e).1 E
 (xample, shell redirection, a later one can be selected.)-.15 E F1 .625
 (See also)87 328.8 R F0(The T)108 340.8 Q
 (rouSerS project page at https://sourcefor)-.35 E
@@ -571,11 +931,11 @@ F(the)2.729 E(en)108 283.2 Q(vironment v)-.4 E(ariable)-.25 E F4
 F1<83>128 446.4 Q F0(EvModder)7.5 E F1(REPOR)72 463.2 Q 1.666(TING B)-.4
 F(UGS)-.1 E F0(https://todo.sr)108 475.2 Q(.ht/\001nabijaczle)-.55 E
 (weli/tzpfms)-.25 E F4(\001nabijaczleweli/tzpfms@lists.sr.ht)108 492 Q
-F0 83.762(,a)C(rchi)-83.762 E -.15(ve)-.25 G 83.763(da).15 G(t)-83.763 E
+F0 83.763(,a)C(rchi)-83.763 E -.15(ve)-.25 G 83.762(da).15 G(t)-83.762 E
 (https://lists.sr)108 504 Q(.ht/\001nabijaczle)-.55 E(weli/tzpfms.)-.25
 E(tzpfms 0.3.4-14-gf5996ad)72 817.889 Q(December 4, 2022)84.693 E(1)
 183.842 E 0 Cg EP
-%%Page: 1 6
+%%Page: 1 11
 %%BeginPageSetup
 BP
 %%EndPageSetup
@@ -584,15 +944,15 @@ BP
 (AD-KEY\(8\))-.35 E/F1 10/Times-Bold@0 SF -.2(NA)72 84 S(ME).2 E/F2 10
 /Courier-Bold@0 SF(zfs-tpm1x-load-key)108 96 Q F0 2.5<8a6c>2.5 G
 (oad TPM1.X-encrypted ZFS dataset k)-2.5 E -.15(ey)-.1 G F1(SYNOPSIS)72
-112.8 Q F2(zfs-tpm-list)108 124.8 Q F0([)2.5 E F2<ad6e>1.666 E F0(])A/F3
-10/Courier-Oblique@0 SF(dataset)2.5 E F1(DESCRIPTION)72 141.6 Q F0 .191
-(After v)108 153.6 R(erifying)-.15 E F3(dataset)2.691 E F0 -.1(wa)2.691
-G 2.691(se).1 G .191(ncrypted with)-2.691 F F2(tzpfms)2.69 E F0(back)
-2.69 E(end)-.1 E F1(TPM1.X)2.69 E F0 .19(will unseal the k)2.69 F .49
--.15(ey a)-.1 H .19(nd load).15 F(it into)108 165.6 Q F3(dataset)2.5 E
-F0(.)A .236
+112.8 Q F2(zfs-fido2-add-backup)108 124.8 Q F0([)2.5 E F2<ad6e>1.666 E
+F0(])A/F3 10/Courier-Oblique@0 SF(dataset)2.5 E F1(DESCRIPTION)72 141.6
+Q F0 .19(After v)108 153.6 R(erifying)-.15 E F3(dataset)2.69 E F0 -.1
+(wa)2.69 G 2.69(se).1 G .19(ncrypted with)-2.69 F F2(tzpfms)2.69 E F0
+(back)2.69 E(end)-.1 E F1(TPM1.X)2.69 E F0 .191(will unseal the k)2.69 F
+.491 -.15(ey a)-.1 H .191(nd load).15 F(it into)108 165.6 Q F3(dataset)
+2.5 E F0(.)A .236
 (The user is \214rst prompted for the SRK passphrase, set when taking o)
-108 182.4 R .236(wnership, if not "well-kno)-.25 F .236(wn" \(all)-.25 F
+108 182.4 R .236(wnership, if not "well-kno)-.25 F .235(wn" \(all)-.25 F
 (zeroes\); then for the additional passphrase, set when creating the k)
 108 194.4 Q -.15(ey)-.1 G 2.5(,i)-.5 G 2.5(fo)-2.5 G(ne w)-2.5 E
 (as set.)-.1 E(See)108 211.2 Q/F4 10/Courier@0 SF(zfs-tpm1x-change-key)
@@ -600,14 +960,14 @@ F0(.)A .236
 <ad6e>109.666 240 Q F0 3.208(Do a no-op/dry run, can be used e)131 240 R
 -.15(ve)-.25 G 5.708(ni).15 G 5.708(ft)-5.708 G 3.208(he k)-5.708 F
 3.508 -.15(ey i)-.1 H 5.708(sa).15 G 3.208(lready loaded.)-5.708 F(Equi)
-8.207 E -.25(va)-.25 G 3.207(lent to).25 F F2(zfs)5.707 E(load-key)131
+8.208 E -.25(va)-.25 G 3.208(lent to).25 F F2(zfs)5.708 E(load-key)131
 252 Q F0 -.55('s)C F2<ad6e>4.716 E F0(option.)2.5 E F1(ENVIR)72 268.8 Q
 1.666(ONMENT V)-.3 F(ARIABLES)-1.35 E F4(TZPFMS_PASSPHRASE_HELPER)108
-280.8 Q F0 .045(By def)133 292.8 R .045(ault, passphrases are prompted \
-for and read in on the standard output and input streams.)-.1 F(If)5.046
-E F4(TZPFMS_PASSPHRASE_HELPER)133 304.8 Q F0 1.596(is set and nonempty)
-4.096 F 4.096(,i)-.65 G 4.096(tw)-4.096 G 1.596(ill be run via)-4.096 F
-F4(/bin/)4.095 E F2 3.261(sh \255c)B F0(to)4.095 E(pro)133 316.8 Q
+280.8 Q F0 .046(By def)133 292.8 R .045(ault, passphrases are prompted \
+for and read in on the standard output and input streams.)-.1 F(If)5.045
+E F4(TZPFMS_PASSPHRASE_HELPER)133 304.8 Q F0 1.595(is set and nonempty)
+4.095 F 4.096(,i)-.65 G 4.096(tw)-4.096 G 1.596(ill be run via)-4.096 F
+F4(/bin/)4.096 E F2 3.262(sh \255c)B F0(to)4.096 E(pro)133 316.8 Q
 (vide each passphrase, instead.)-.15 E .643
 (The standard output stream of the helper is tied to an anon)133 333.6 R
 .643(ymous \214le and used in its entirety as)-.15 F(the passphrase, e)
@@ -620,23 +980,23 @@ F4(/bin/)4.095 E F2 3.261(sh \255c)B F0(to)4.095 E(pro)133 316.8 Q
 381.6 Q(w" if this is for a ne)-.25 E 2.5(wp)-.25 G
 (assphrase, otherwise blank)-2.5 E F4($4)143 393.6 Q F0("ag)160 393.6 Q
 (ain" if it')-.05 E 2.5(st)-.55 G
-(he second prompt for that passphrase, otherwise blank)-2.5 E .178
-(If the helper doesn')133 410.4 R 2.678(te)-.18 G .178
-(xist \(the shell e)-2.828 F .177(xits with)-.15 F F1(127)2.677 E F0
-.177(\), a diagnostic is issued and the normal prompt)B(is used as f)133
+(he second prompt for that passphrase, otherwise blank)-2.5 E .177
+(If the helper doesn')133 410.4 R 2.677(te)-.18 G .177
+(xist \(the shell e)-2.827 F .177(xits with)-.15 F F1(127)2.677 E F0
+.178(\), a diagnostic is issued and the normal prompt)B(is used as f)133
 422.4 Q 2.5(all-back. If)-.1 F(it f)2.5 E(ails for an)-.1 E 2.5(yo)-.15
 G(ther reason, the prompting is aborted.)-2.5 E F1 1.666
 (TPM1.X back-end con\214guration)72 439.2 R .625(TPM selection)87 451.2
-R F0(The)108 463.2 Q F2(tzpfms)2.729 E F0 .229
-(suite connects to a local)2.729 F F4(tcsd)2.73 E F0 .23
-(\(8\) process \(at)B F4(localhost:30003)2.73 E F0 2.73(\)b)C 2.73(yd)
--2.73 G(ef)-2.73 E 2.73(ault. Use)-.1 F(the)2.73 E(en)108 475.2 Q
-(vironment v)-.4 E(ariable)-.25 E F4(TZPFMS_TPM1X)2.5 E F0
-(to specify a remote TCS hostname.)2.5 E .111(The T)108 492 R(rouSerS)
--.35 E F4(tcsd)2.611 E F0 .111(\(8\) daemon will try)B F4(/dev/tpm0)2.61
-E F0 2.61(,t)C(hen)-2.61 E F4(/udev/tpm0)2.61 E F0 2.61(,t)C(hen)-2.61 E
-F4(/dev/tpm)2.61 E F0 2.61(;b)C 2.61(yo)-2.61 G(ccu-)-2.61 E -.1(py)108
-504 S(ing one of the earlier ones with, for e).1 E
+R F0(The)108 463.2 Q F2(tzpfms)2.73 E F0 .23(suite connects to a local)
+2.73 F F4(tcsd)2.73 E F0 .23(\(8\) process \(at)B F4(localhost:30003)
+2.729 E F0 2.729(\)b)C 2.729(yd)-2.729 G(ef)-2.729 E 2.729(ault. Use)-.1
+F(the)2.729 E(en)108 475.2 Q(vironment v)-.4 E(ariable)-.25 E F4
+(TZPFMS_TPM1X)2.5 E F0(to specify a remote TCS hostname.)2.5 E .11
+(The T)108 492 R(rouSerS)-.35 E F4(tcsd)2.61 E F0 .11
+(\(8\) daemon will try)B F4(/dev/tpm0)2.61 E F0 2.61(,t)C(hen)-2.61 E F4
+(/udev/tpm0)2.611 E F0 2.611(,t)C(hen)-2.611 E F4(/dev/tpm)2.611 E F0
+2.611(;b)C 2.611(yo)-2.611 G(ccu-)-2.611 E -.1(py)108 504 S
+(ing one of the earlier ones with, for e).1 E
 (xample, shell redirection, a later one can be selected.)-.15 E F1 .625
 (See also)87 520.8 R F0(The T)108 532.8 Q
 (rouSerS project page at https://sourcefor)-.35 E
@@ -651,11 +1011,11 @@ F4(/dev/tpm)2.61 E F0 2.61(;b)C 2.61(yo)-2.61 G(ccu-)-2.61 E -.1(py)108
 F1<83>128 638.4 Q F0(EvModder)7.5 E F1(REPOR)72 655.2 Q 1.666(TING B)-.4
 F(UGS)-.1 E F0(https://todo.sr)108 667.2 Q(.ht/\001nabijaczle)-.55 E
 (weli/tzpfms)-.25 E F4(\001nabijaczleweli/tzpfms@lists.sr.ht)108 684 Q
-F0 83.763(,a)C(rchi)-83.763 E -.15(ve)-.25 G 83.762(da).15 G(t)-83.762 E
+F0 83.762(,a)C(rchi)-83.762 E -.15(ve)-.25 G 83.763(da).15 G(t)-83.763 E
 (https://lists.sr)108 696 Q(.ht/\001nabijaczle)-.55 E(weli/tzpfms.)-.25
 E(tzpfms 0.3.4-14-gf5996ad)72 817.889 Q(December 4, 2022)84.693 E(1)
 183.842 E 0 Cg EP
-%%Page: 1 7
+%%Page: 1 12
 %%BeginPageSetup
 BP
 %%EndPageSetup
@@ -664,112 +1024,112 @@ BP
 F/F1 10/Times-Bold@0 SF -.2(NA)72 84 S(ME).2 E/F2 10/Courier-Bold@0 SF
 (zfs-tpm2-change-key)108 96 Q F0 2.5<8a63>2.5 G(hange ZFS dataset k)-2.5
 E .3 -.15(ey t)-.1 H 2.5(oo).15 G(ne stored on the TPM)-2.5 E F1
-(SYNOPSIS)72 112.8 Q F2(zfs-tpm-list)108 124.8 Q F0([)2.5 E F2<ad62>
-1.666 E/F3 10/Courier-Oblique@0 SF(backup-file)6 E F0 2.5(][)C F2<ad50>
--.834 E F3(algorithm)6 E F2(:)A F3(PCR)A F0([)A F2(,)A F3(PCR)A F0 1.666
-(]...)C([)186 136.8 Q F2(+)A F3(algorithm)A F2(:)A F3(PCR)A F0([)A F2(,)
-A F3(PCR)A F0 1.666(]...)C -3.332 1.666(]... [)-1.666 H F2<ad41>A F0(]])
-A F3(dataset)2.5 E F1(DESCRIPTION)72 153.6 Q F0 1.676 -.8(To n)108 165.6
-T(ormalise).8 E F3(dataset)2.576 E F0(,)A F2(zfs-tpm-list)2.576 E F0
-.076(will open its encryption root in its stead.)2.576 F F2
-(zfs-tpm-list)5.077 E F0(will)108 177.6 Q/F4 10/Times-Italic@0 SF(ne)2.5
-E(ver)-.15 E F0(create or destro)2.5 E 2.5(ye)-.1 G
-(ncryption roots; use)-2.5 E/F5 10/Courier@0 SF(zfs-change-key)2.5 E F0
-(\(8\) for that.)A(First, a connection is made to the TPM, which)108
-194.4 Q F4(must)2.5 E F0(be TPM-2.0-compatible.)2.5 E(If)108 211.2 Q F3
-(dataset)3.055 E F0 -.1(wa)3.055 G 3.055(sp).1 G(re)-3.055 E .555
-(viously encrypted with)-.25 F F2(tzpfms)3.055 E F0 .555(and the)3.055 F
-F1(TPM2)3.055 E F0 .554(back-end w)3.054 F .554(as used, the pre)-.1 F
-(vious)-.25 E -.1(ke)108 223.2 S 3.059(yw)-.05 G .559
-(ill be freed from the TPM.)-3.059 F .56
+(SYNOPSIS)72 112.8 Q F2(zfs-fido2-add-backup)108 124.8 Q F0([)2.5 E F2
+<ad62>1.666 E/F3 10/Courier-Oblique@0 SF(backup-file)6 E F0 2.5(][)C F2
+<ad50>-.834 E F3(algorithm)6 E F2(:)A F3(PCR)A F0([)A F2(,)A F3(PCR)A F0
+1.666(]...)C([)234 136.8 Q F2(+)A F3(algorithm)A F2(:)A F3(PCR)A F0([)A
+F2(,)A F3(PCR)A F0 1.666(]...)C -3.332 1.666(]... [)-1.666 H F2<ad41>A
+F0(]])A F3(dataset)2.5 E F1(DESCRIPTION)72 153.6 Q F0 4.32 -.8(To n)108
+165.6 T(ormalise).8 E F3(dataset)5.22 E F0(,)A F2(zfs-fido2-add-backup)
+5.22 E F0 2.719(will open its encryption root in its stead.)5.22 F F2
+(zfs-fido2-add-backup)108 177.6 Q F0(will)14.654 E/F4 10/Times-Italic@0
+SF(ne)14.654 E(ver)-.15 E F0 12.154(create or destro)14.654 F 14.655(ye)
+-.1 G 12.155(ncryption roots; use)-14.655 F/F5 10/Courier@0 SF
+(zfs-change-key)108 189.6 Q F0(\(8\) for that.)A
+(First, a connection is made to the TPM, which)108 206.4 Q F4(must)2.5 E
+F0(be TPM-2.0-compatible.)2.5 E(If)108 223.2 Q F3(dataset)3.055 E F0 -.1
+(wa)3.055 G 3.055(sp).1 G(re)-3.055 E .555(viously encrypted with)-.25 F
+F2(tzpfms)3.055 E F0 .555(and the)3.055 F F1(TPM2)3.055 E F0 .554
+(back-end w)3.054 F .554(as used, the pre)-.1 F(vious)-.25 E -.1(ke)108
+235.2 S 3.059(yw)-.05 G .559(ill be freed from the TPM.)-3.059 F .56
 (Otherwise, or in case of an error)5.56 F 3.06(,d)-.4 G .56
 (ata required for manual interv)-3.06 F(en-)-.15 E
-(tion will be written to the standard error stream.)108 235.2 Q(Ne)108
-252 Q .295(xt, a ne)-.15 F 2.794(ww)-.25 G .294(rapping k)-2.794 F .594
+(tion will be written to the standard error stream.)108 247.2 Q(Ne)108
+264 Q .295(xt, a ne)-.15 F 2.794(ww)-.25 G .294(rapping k)-2.794 F .594
 -.15(ey i)-.1 H 2.794(sg).15 G .294
 (enerated on the TPM, optionally back)-2.794 F .294(ed up \(see)-.1 F F1
 (OPTIONS)2.794 E F0 .294(\), and sealed)B .588
-(to a persistent object on the TPM under the o)108 264 R .589
+(to a persistent object on the TPM under the o)108 276 R .589
 (wner hierarch)-.25 F .589(y; if there is a passphrase set on the o)-.05
-F(wner)-.25 E(hierarch)108 276 Q 1.603 -.65(y, t)-.05 H .302
+F(wner)-.25 E(hierarch)108 288 Q 1.603 -.65(y, t)-.05 H .302
 (he user is prompted for it; the user is al).65 F -.1(wa)-.1 G .302
 (ys prompted for an optional passphrase to protect).1 F
-(the sealed object with.)108 288 Q(The follo)108 304.8 Q
+(the sealed object with.)108 300 Q(The follo)108 316.8 Q
 (wing properties are set on)-.25 E F3(dataset)2.5 E F0(:)A F1<83>128
-316.8 Q F5(xyz.nabijaczleweli:tzpfms.backend)7.5 E F0(=)A F1(TPM2)A<83>
-128 328.8 Q F5(xyz.nabijaczleweli:tzpfms.key)7.5 E F0(=)A F3
-(persistent-object-ID)A F0([)139 340.8 Q F2(;)A F3(algorithm)A F2(:)A F3
+328.8 Q F5(xyz.nabijaczleweli:tzpfms.backend)7.5 E F0(=)A F1(TPM2)A<83>
+128 340.8 Q F5(xyz.nabijaczleweli:tzpfms.key)7.5 E F0(=)A F3
+(persistent-object-ID)A F0([)139 352.8 Q F2(;)A F3(algorithm)A F2(:)A F3
 (PCR)A F0([)A F2(,)A F3(PCR)A F0 1.666(]...)C([)-1.666 E F2(+)A F3
 (algorithm)A F2(:)A F3(PCR)A F0([)A F2(,)A F3(PCR)A F0 1.666(]...)C
-1.666(]...)-1.666 G(])-1.666 E F5(tzpfms.backend)108 357.6 Q F0 1.263
+1.666(]...)-1.666 G(])-1.666 E F5(tzpfms.backend)108 369.6 Q F0 1.263
 (identi\214es this dataset for w)3.763 F 1.264(ork with)-.1 F F1(TPM2)
 3.764 E F0(-back-ended)A F2(tzpfms)3.764 E F0 1.264(tools \(namely)3.764
-F F5(zfs-tpm2-change-key)108 369.6 Q F0(\(8\),)A F5(zfs-tpm2-load-key)
+F F5(zfs-tpm2-change-key)108 381.6 Q F0(\(8\),)A F5(zfs-tpm2-load-key)
 2.5 E F0(\(8\), and)A F5(zfs-tpm2-clear-key)2.5 E F0(\(8\)\).)A F5
-(tzpfms.key)108 386.4 Q F0 1.509(is an inte)4.009 F 1.509
+(tzpfms.key)108 398.4 Q F0 1.509(is an inte)4.009 F 1.509
 (ger representing the sealed object, optionally follo)-.15 F 1.509
 (wed by a semicolon and)-.25 F .822(PCR list as speci\214ed with)108
-398.4 R F2<ad50>4.988 E F0 3.322(,n)C .822(ormalised to be)-3.322 F F2
+410.4 R F2<ad50>4.988 E F0 3.322(,n)C .822(ormalised to be)-3.322 F F2
 (tpm-tools)3.322 E F0 .823(-toolchain-compatible; if needed, it can)B
-.866(be passed to)108 410.4 R F2 2.532(tpm2_unseal \255c)3.366 F F5
+.866(be passed to)108 422.4 R F2 2.532(tpm2_unseal \255c)3.366 F F5
 (${tzpfms.key)6.866 E F2(%%)A F5(;)A/F6 10/Symbol SF(*)A F5(})A F0(with)
 3.366 E F2<ad70>5.032 E F0(")6.866 E F5(str:${passphrase})A F0 3.365("o)
-C(r)-3.365 E F2<ad70>109.666 422.4 Q F0(")6.727 E F5(pcr:${tzpfms.key)A
+C(r)-3.365 E F2<ad70>109.666 434.4 Q F0(")6.727 E F5(pcr:${tzpfms.key)A
 F2(#)A F6(*)A F5(;})A F0 .727(", as the case may be, or equi)B -.25(va)
 -.25 G .728(lent, for back-up \(see).25 F F1(OPTIONS)3.228 E F0(\).)A
-.448(If you ha)108 434.4 R .748 -.15(ve a s)-.2 H .448(ealed k).15 F
+.448(If you ha)108 446.4 R .748 -.15(ve a s)-.2 H .448(ealed k).15 F
 .748 -.15(ey y)-.1 H .448(ou can access with that or equi).15 F -.25(va)
 -.25 G .447(lent tool and set both of these properties, it).25 F
-(will funxion seamlessly)108 446.4 Q(.)-.65 E(Finally)108 463.2 Q 12.005
+(will funxion seamlessly)108 458.4 Q(.)-.65 E(Finally)108 475.2 Q 12.005
 (,t)-.65 G 9.505(he equi)-12.005 F -.25(va)-.25 G 9.505(lent of).25 F F2
 9.505(zfs change-key)12.005 F<ad6f>17.172 E F5(keylocation=prompt)15.506
-E F2<ad6f>17.172 E F5(keyformat=raw)108 475.2 Q F3(dataset)6.107 E F0
+E F2<ad6f>17.172 E F5(keyformat=raw)108 487.2 Q F3(dataset)6.107 E F0
 .107(is performed with the ne)2.607 F 2.606(wk)-.25 G -.15(ey)-2.706 G
 5.106(.I)-.5 G 2.606(fa)-5.106 G 2.606(ne)-2.606 G .106
 (rror occurred, best ef)-2.606 F .106(fort is made)-.25 F .289(to clean\
  up the persistent object and properties, or to issue a note for manual\
- interv)108 487.2 R .29(ention into the stan-)-.15 F(dard error stream.)
-108 499.2 Q 2.625<418c>108 516 S .125(nal v)-2.625 F .125
+ interv)108 499.2 R .29(ention into the stan-)-.15 F(dard error stream.)
+108 511.2 Q 2.625<418c>108 528 S .125(nal v)-2.625 F .125
 (eri\214cation should be made by running)-.15 F F2 1.79
 (zfs-tpm2-load-key \255n)2.624 F F3(dataset)6.124 E F0 5.124(.I)C 2.624
 (ft)-5.124 G .124(hat com-)-2.624 F .506(mand succeeds, all is well, b)
-108 528 R .506(ut otherwise the dataset can be manually rolled back to \
-a passphrase with)-.2 F F2(zfs-tpm2-clear-key)108 540 Q F3(dataset)
+108 540 R .506(ut otherwise the dataset can be manually rolled back to \
+a passphrase with)-.2 F F2(zfs-tpm2-clear-key)108 552 Q F3(dataset)
 11.539 E F0(\(or)8.039 E 8.039(,i)-.4 G 8.039(ft)-8.039 G 5.539(hat f)
 -8.039 F 5.539(ails to w)-.1 F(ork,)-.1 E F2 5.539(zfs change-key)8.039
-F<ad6f>13.204 E F5(keyformat=passphrase)108 552 Q F3(dataset)6 E F0
+F<ad6f>13.204 E F5(keyformat=passphrase)108 564 Q F3(dataset)6 E F0
 (\), and you are hereby ask)A(ed to report a b)-.1 E(ug, please.)-.2 E
-F2(zfs-tpm2-clear-key)108 568.8 Q F3(dataset)6.029 E F0 .029
+F2(zfs-tpm2-clear-key)108 580.8 Q F3(dataset)6.029 E F0 .029
 (can be used to free the TPM persistent object and go back to us-)2.529
-F(ing a passphrase.)108 580.8 Q F1(OPTIONS)72 597.6 Q F2<ad62>109.666
-609.6 Q F3(backup-file)6 E F0(Sa)203 609.6 Q .353 -.15(ve a b)-.2 H .052
+F(ing a passphrase.)108 592.8 Q F1(OPTIONS)72 609.6 Q F2<ad62>109.666
+621.6 Q F3(backup-file)6 E F0(Sa)203 621.6 Q .353 -.15(ve a b)-.2 H .052
 (ack-up of the k).15 F .352 -.15(ey t)-.1 H(o).15 E F3(backup-file)2.552
 E F0 2.552(,w)C .052(hich must not e)-2.552 F .052(xist beforehand.)-.15
-F .693(This back-up)203 621.6 R F4(must)3.193 E F0 .694
+F .693(This back-up)203 633.6 R F4(must)3.193 E F0 .694
 (be stored securely)3.193 F 3.194(,o)-.65 G -.25(ff)-3.194 G 3.194
 (-site. In).25 F .694(case of a catastrophic e)3.194 F -.15(ve)-.25 G
-(nt,).15 E(the k)203 633.6 Q .3 -.15(ey c)-.1 H(an be loaded by running)
-.15 E F2(zfs load-key)233 645.6 Q F3(dataset)6 E F5(<)6 E F3
-(backup-file)6 E F2<ad50>109.666 662.4 Q F3(algorithm)6 E F2(:)A F3(PCR)
+(nt,).15 E(the k)203 645.6 Q .3 -.15(ey c)-.1 H(an be loaded by running)
+.15 E F2(zfs load-key)233 657.6 Q F3(dataset)6 E F5(<)6 E F3
+(backup-file)6 E F2<ad50>109.666 674.4 Q F3(algorithm)6 E F2(:)A F3(PCR)
 A F0([)A F2(,)A F3(PCR)A F0 1.666(]...)C([)-1.666 E F2(+)A F3(algorithm)
 A F2(:)A F3(PCR)A F0([)A F2(,)A F3(PCR)A F0 1.666(]...)C 1.666(]...)
--1.666 G 1.425(Bind the k)203 674.4 R 1.725 -.15(ey t)-.1 H 3.925(os).15
+-1.666 G 1.425(Bind the k)203 686.4 R 1.725 -.15(ey t)-.1 H 3.925(os).15
 G 1.425(pace- or comma-separated)-3.925 F F3(PCR)3.924 E F0 3.924(sw)C
-1.424(ithin their corresponding)-3.924 F(hashing)203 686.4 Q F3
+1.424(ithin their corresponding)-3.924 F(hashing)203 698.4 Q F3
 (algorithm)2.523 E F0 2.523<8a69>2.523 G 2.523(ft)-2.523 G(he)-2.523 E
 2.523(yc)-.15 G .023(hange, the wrapping k)-2.523 F .323 -.15(ey w)-.1 H
-.024(ill not be able to be).15 F 2.5(unsealed. There)203 698.4 R(are)2.5
+.024(ill not be able to be).15 F 2.5(unsealed. There)203 710.4 R(are)2.5
 E F1(24)2.5 E F0(PCRs, numbered [)2.5 E F1(0)A F0(,)A F1(23)2.5 E F0(].)
-A F3(algorithm)203 715.2 Q F0 2.968(may be an)5.469 F 5.468(yo)-.15 G
+A F3(algorithm)203 727.2 Q F0 2.968(may be an)5.469 F 5.468(yo)-.15 G
 5.468(fc)-5.468 G(ase-insensiti)-5.468 E 3.268 -.15(ve ")-.25 H F1(sha1)
 .15 E F0 2.968(", ")B F1(sha256)A F0 2.968(", ")B F1(sha384)A F0(",)A(")
-203 727.2 Q F1(sha512)A F0 4.983(", ")B F1(sm3_256)A F0 4.983(", ")B F1
+203 739.2 Q F1(sha512)A F0 4.983(", ")B F1(sm3_256)A F0 4.983(", ")B F1
 (sm3-256)A F0 4.983(", ")B F1(sha3_256)A F0 4.983(", ")B F1(sha3-256)A
-F0 4.983(", ")B F1(sha3_384)A F0(",)A(")203 739.2 Q F1(sha3-384)A F0
+F0 4.983(", ")B F1(sha3_384)A F0(",)A(")203 751.2 Q F1(sha3-384)A F0
 (", ")A F1(sha3_512)A F0(", or ")A F1(sha3-512)A F0
 (", and must be supported by the TPM.)A(tzpfms 0.3.4-14-gf5996ad)72
 817.889 Q(February 28, 2024)84.688 E(1)183.837 E 0 Cg EP
-%%Page: 2 8
+%%Page: 2 13
 %%BeginPageSetup
 BP
 %%EndPageSetup
@@ -847,7 +1207,7 @@ E F3 1.666(SEE ALSO)72 616.8 R F4(tpm2_unseal)108 628.8 Q F0(\(1\))A
 r_TPM_2p0_Systems_v51.pdf, Section 2.3.4 "PCR Usage", T)108 669.6 Q
 (able)-.8 E(1.)108 681.6 Q(tzpfms 0.3.4-14-gf5996ad)72 817.889 Q
 (February 28, 2024)84.688 E(2)183.837 E 0 Cg EP
-%%Page: 1 9
+%%Page: 1 14
 %%BeginPageSetup
 BP
 %%EndPageSetup
@@ -857,8 +1217,8 @@ F/F1 10/Times-Bold@0 SF -.2(NA)72 84 S(ME).2 E/F2 10/Courier-Bold@0 SF
 (zfs-tpm2-clear-key)108 96 Q F0 2.5<8a72>2.5 G -.25(ew)-2.5 G
 (rap ZFS dataset k).25 E .3 -.15(ey i)-.1 H 2.5(np).15 G(asssw)-2.5 E
 (ord and clear tzpfms TPM2 metadata)-.1 E F1(SYNOPSIS)72 112.8 Q F2
-(zfs-tpm-list)108 124.8 Q/F3 10/Courier-Oblique@0 SF(dataset)2.5 E F1
-(DESCRIPTION)72 141.6 Q F0(After v)108 153.6 Q(erifying)-.15 E F3
+(zfs-fido2-add-backup)108 124.8 Q/F3 10/Courier-Oblique@0 SF(dataset)2.5
+E F1(DESCRIPTION)72 141.6 Q F0(After v)108 153.6 Q(erifying)-.15 E F3
 (dataset)2.5 E F0 -.1(wa)2.5 G 2.5(se).1 G(ncrypted with)-2.5 E F2
 (tzpfms)2.5 E F0(back)2.5 E(end)-.1 E F1(TPM2)2.5 E F0(:)A 5
 (1. performs)118 165.6 R 5.641(the equi)8.141 F -.25(va)-.25 G 5.641
@@ -928,7 +1288,7 @@ F0 83.763(,a)C(rchi)-83.763 E -.15(ve)-.25 G 83.762(da).15 G(t)-83.762 E
 (https://lists.sr)108 710.4 Q(.ht/\001nabijaczle)-.55 E(weli/tzpfms.)
 -.25 E(tzpfms 0.3.4-14-gf5996ad)72 817.889 Q(December 4, 2022)84.693 E
 (1)183.842 E 0 Cg EP
-%%Page: 1 10
+%%Page: 1 15
 %%BeginPageSetup
 BP
 %%EndPageSetup
@@ -937,23 +1297,23 @@ BP
 (AD-KEY\(8\))-.35 E/F1 10/Times-Bold@0 SF -.2(NA)72 84 S(ME).2 E/F2 10
 /Courier-Bold@0 SF(zfs-tpm2-load-key)108 96 Q F0 2.5<8a6c>2.5 G
 (oad TPM2-encrypted ZFS dataset k)-2.5 E -.15(ey)-.1 G F1(SYNOPSIS)72
-112.8 Q F2(zfs-tpm-list)108 124.8 Q F0([)2.5 E F2<ad6e>1.666 E F0(])A/F3
-10/Courier-Oblique@0 SF(dataset)2.5 E F1(DESCRIPTION)72 141.6 Q F0 .864
-(After v)108 153.6 R(erifying)-.15 E F3(dataset)3.364 E F0 -.1(wa)3.364
-G 3.364(se).1 G .864(ncrypted with)-3.364 F F2(tzpfms)3.365 E F0(back)
-3.365 E(end)-.1 E F1(TPM2)3.365 E F0 3.365(,u)C .865(nseals the k)-3.365
-F 1.165 -.15(ey a)-.1 H .865(nd loads it).15 F(into)108 165.6 Q F3
-(dataset)2.5 E F0(.)A(The user is prompted for the additional passphras\
-e, set when creating the k)108 182.4 Q -.15(ey)-.1 G 2.5(,i)-.5 G 2.5
-(fo)-2.5 G(ne w)-2.5 E(as set.)-.1 E(See)108 199.2 Q/F4 10/Courier@0 SF
-(zfs-tpm2-change-key)2.5 E F0(\(8\) for a detailed description.)A F1
-(OPTIONS)72 216 Q F2<ad6e>109.666 228 Q F0 3.208
-(Do a no-op/dry run, can be used e)131 228 R -.15(ve)-.25 G 5.708(ni).15
-G 5.708(ft)-5.708 G 3.208(he k)-5.708 F 3.508 -.15(ey i)-.1 H 5.708(sa)
-.15 G 3.208(lready loaded.)-5.708 F(Equi)8.207 E -.25(va)-.25 G 3.207
-(lent to).25 F F2(zfs)5.707 E(load-key)131 240 Q F0 -.55('s)C F2<ad6e>
-4.716 E F0(option.)2.5 E F1(ENVIR)72 256.8 Q 1.666(ONMENT V)-.3 F
-(ARIABLES)-1.35 E F4(TZPFMS_PASSPHRASE_HELPER)108 268.8 Q F0 .045
+112.8 Q F2(zfs-fido2-add-backup)108 124.8 Q F0([)2.5 E F2<ad6e>1.666 E
+F0(])A/F3 10/Courier-Oblique@0 SF(dataset)2.5 E F1(DESCRIPTION)72 141.6
+Q F0 .864(After v)108 153.6 R(erifying)-.15 E F3(dataset)3.364 E F0 -.1
+(wa)3.364 G 3.364(se).1 G .864(ncrypted with)-3.364 F F2(tzpfms)3.365 E
+F0(back)3.365 E(end)-.1 E F1(TPM2)3.365 E F0 3.365(,u)C .865
+(nseals the k)-3.365 F 1.165 -.15(ey a)-.1 H .865(nd loads it).15 F
+(into)108 165.6 Q F3(dataset)2.5 E F0(.)A(The user is prompted for the \
+additional passphrase, set when creating the k)108 182.4 Q -.15(ey)-.1 G
+2.5(,i)-.5 G 2.5(fo)-2.5 G(ne w)-2.5 E(as set.)-.1 E(See)108 199.2 Q/F4
+10/Courier@0 SF(zfs-tpm2-change-key)2.5 E F0
+(\(8\) for a detailed description.)A F1(OPTIONS)72 216 Q F2<ad6e>109.666
+228 Q F0 3.208(Do a no-op/dry run, can be used e)131 228 R -.15(ve)-.25
+G 5.708(ni).15 G 5.708(ft)-5.708 G 3.208(he k)-5.708 F 3.508 -.15(ey i)
+-.1 H 5.708(sa).15 G 3.208(lready loaded.)-5.708 F(Equi)8.207 E -.25(va)
+-.25 G 3.207(lent to).25 F F2(zfs)5.707 E(load-key)131 240 Q F0 -.55('s)
+C F2<ad6e>4.716 E F0(option.)2.5 E F1(ENVIR)72 256.8 Q 1.666(ONMENT V)
+-.3 F(ARIABLES)-1.35 E F4(TZPFMS_PASSPHRASE_HELPER)108 268.8 Q F0 .045
 (By def)133 280.8 R .045(ault, passphrases are prompted for and read in\
  on the standard output and input streams.)-.1 F(If)5.046 E F4
 (TZPFMS_PASSPHRASE_HELPER)133 292.8 Q F0 1.596(is set and nonempty)4.096
diff --git a/zfs-fido2-add-backup.8 b/zfs-fido2-add-backup.8
new file mode 100644
index 0000000..08a80cb
--- /dev/null
+++ b/zfs-fido2-add-backup.8
@@ -0,0 +1,125 @@
+.\" SPDX-License-Identifier: MIT
+.
+.Dd February 29, 2024
+.ds doc-volume-operating-system
+.Dt ZFS-FIDO2-ADD-BACKUP 8
+.Os fzifdso 0
+.
+.Sh NAME
+.Nm zfs-fido2-add-backup
+.Nd allow another FIDO2 device to unlock ZFS dataset
+.Sh SYNOPSIS
+.Nm
+.Ar dataset
+.
+.Sh DESCRIPTION
+After
+.Xr zfs-fido2-change-key 8
+derives the key for a dataset from a FIDO2 device,
+.Nm
+may be executed to extend this to any number of additional devices.
+.Pp
+First, the wrapping key is extracted as normally during
+.Xr zfs-fido2-load-key 8 ,
+then a credential is made as-if during
+.Xr zfs-fido2-change-key 8
+(except the "primary" device and all the ones holding backups are excluded from the search);
+however, the
+.Ql hmac-secret
+is instead used as a symmetric AES-256-GCM
+.Pq Xr EVP_CIPHER-AES 7ssl
+key to encrypt the wrapping key directly with a random IV.
+.Pp
+This turns the
+.Li xyz.nabijaczleweli:tzpfms.key
+variable into
+.br
+.Ar salt Ns Cm :\:\& Ns Ar credential-ID Ns Cm :\:\& Ns Ar credential-public-key Ns Oo Cm \&. Ns Ar backup-salt Ns Cm :\:\& Ns Ar backup-credential-ID Ns Cm :\:\& Ns Ar backup-credential-public-key Ns Cm :\:\& Ns Ar IV Ns Cm :\:\& Ns Ar encrypted-key Oc Ns …
+.Pp
+.Li tzpfms.key
+is actually a dot-separated list of device bundles.
+The first one is as-described in
+.Xr zfs-fido2-change-key 8 .
+Subsequent ones also include (identically-encoded) IVs and encrypted blobs.
+.Pp
+.Xr zfs-fido2-load-key 8
+shops assertions around devices in a device-major order \(em
+depending on device numbering, a backup may be loaded even if the primary device is present.
+.
+.\" SPDX-License-Identifier: MIT
+.
+.Sh ENVIRONMENT VARIABLES
+.Bl -tag -compact -width 4n
+.It Ev TZPFMS_PASSPHRASE_HELPER
+By default, passphrases are prompted for and read in on the standard output and input streams.
+If
+.Ev TZPFMS_PASSPHRASE_HELPER
+is set and nonempty, it will be run via
+.Pa /bin/ Ns Nm sh Fl c
+to provide each passphrase, instead.
+.Pp
+The standard output stream of the helper is tied to an anonymous file and used in its entirety as the passphrase, except for a trailing new-line, if any.
+The arguments are:
+.Bl -tag -compact -offset 2n -width ".Li $1"
+.It Li $1
+Pre-formatted noun phrase with all the information below, for use as a prompt
+.\" Passphrase for tarta-zoot
+.\" New passphrase for tarta-zoot (again)
+.It Li $2
+Either the dataset name or the element of the TPM hierarchy being prompted for
+.It Li $3
+.Qq new
+if this is for a new passphrase, otherwise blank
+.It Li $4
+.Qq again
+if it's the second prompt for that passphrase, otherwise blank
+.El
+.Pp
+If the helper doesn't exist
+.Pq the shell exits with Sy 127 ,
+a diagnostic is issued and the normal prompt is used as fall-back.
+If it fails for any other reason, the prompting is aborted.
+.
+.
+.El
+.
+.\" SPDX-License-Identifier: MIT
+.
+.Sh FIDO2 back-end configuration
+.Ss Environment variables
+.Bl -tag -compact -width ".Ev FIDO_DEBUG"
+.It Ev FIDO_DEBUG
+If set, enables libfido2 debug logging to the standard error stream.
+.El
+.
+.Ss Device selection
+When creating, the first device which supports the
+.Ql hmac-secret
+extension is used.
+When loading, the assertion is shopped around to every such device.
+.
+.Ss See also
+The libfido2 documentation at
+.Lk https:/\&/developers.yubico.com/libfido2/ .
+.
+.\" SPDX-License-Identifier: MIT
+.
+.Sh SPECIAL THANKS
+To all who support further development, in particular:
+.Bl -bullet -offset 4n -compact -width "@"
+.It
+ThePhD
+.It
+Embark Studios
+.It
+Jasper Bekkers
+.It
+EvModder
+.El
+.
+.Sh REPORTING BUGS
+.Lk https:/\&/todo.sr.ht/\(tinabijaczleweli/fzifdso
+.Pp
+.Mt \(tinabijaczleweli/tzpfms@lists.sr.ht ,
+archived at
+.Lk https:/\&/lists.sr.ht/\(tinabijaczleweli/tzpfms .
diff --git a/zfs-fido2-add-backup.8.html b/zfs-fido2-add-backup.8.html
new file mode 100644
index 0000000..e6d3444
--- /dev/null
+++ b/zfs-fido2-add-backup.8.html
@@ -0,0 +1,153 @@
+<!DOCTYPE html>
+<html>
+<!-- This is an automatically generated file.  Do not edit.
+   SPDX-License-Identifier: MIT
+ -->
+<head>
+  <meta charset="utf-8"/>
+  <meta name="viewport" content="width=device-width, initial-scale=1.0"/>
+  <link rel="stylesheet" href="style.css" type="text/css" media="all"/>
+  <title>ZFS-FIDO2-ADD-BACKUP(8)</title>
+</head>
+<body>
+<table class="head">
+  <tr>
+    <td class="head-ltitle">ZFS-FIDO2-ADD-BACKUP(8)</td>
+    <td class="head-vol">System Manager's Manual</td>
+    <td class="head-rtitle">ZFS-FIDO2-ADD-BACKUP(8)</td>
+  </tr>
+</table>
+<div class="manual-text">
+<section class="Sh">
+<h1 class="Sh" id="NAME"><a class="permalink" href="#NAME">NAME</a></h1>
+<p class="Pp"><code class="Nm">zfs-fido2-add-backup</code> &#x2014;
+    <span class="Nd">allow another FIDO2 device to unlock ZFS dataset</span></p>
+</section>
+<section class="Sh">
+<h1 class="Sh" id="SYNOPSIS"><a class="permalink" href="#SYNOPSIS">SYNOPSIS</a></h1>
+<table class="Nm">
+  <tr>
+    <td><code class="Nm">zfs-fido2-add-backup</code></td>
+    <td><var class="Ar">dataset</var></td>
+  </tr>
+</table>
+</section>
+<section class="Sh">
+<h1 class="Sh" id="DESCRIPTION"><a class="permalink" href="#DESCRIPTION">DESCRIPTION</a></h1>
+<p class="Pp">After
+    <a class="Xr" href="zfs-fido2-change-key.8.html">zfs-fido2-change-key(8)</a>
+    derives the key for a dataset from a FIDO2 device,
+    <code class="Nm">zfs-fido2-add-backup</code> may be executed to extend this
+    to any number of additional devices.</p>
+<p class="Pp">First, the wrapping key is extracted as normally during
+    <a class="Xr" href="zfs-fido2-load-key.8.html">zfs-fido2-load-key(8)</a>,
+    then a credential is made as-if during
+    <a class="Xr" href="zfs-fido2-change-key.8.html">zfs-fido2-change-key(8)</a>
+    (except the &quot;primary&quot; device and all the ones holding backups are
+    excluded from the search); however, the
+    &#x2018;<code class="Li">hmac-secret</code>&#x2019; is instead used as a
+    symmetric AES-256-GCM
+    (<a class="Xr" href="https://manpages.debian.org/bookworm/EVP_CIPHER-AES.7ssl">EVP_CIPHER-AES(7ssl)</a>)
+    key to encrypt the wrapping key directly with a random IV.</p>
+<p class="Pp">This turns the
+    <code class="Li">xyz.nabijaczleweli:tzpfms.key</code> variable into
+  <br/>
+  <var class="Ar">salt</var><code class="Cm">:</code><var class="Ar">credential-ID</var><code class="Cm">:</code><var class="Ar">credential-public-key</var>[<code class="Cm">.</code><var class="Ar">backup-salt</var><code class="Cm">:</code><var class="Ar">backup-credential-ID</var><code class="Cm">:</code><var class="Ar">backup-credential-public-key</var><code class="Cm">:</code><var class="Ar">IV</var><code class="Cm">:</code><var class="Ar">encrypted-key</var>]&#x2026;</p>
+<p class="Pp"><code class="Li">tzpfms.key</code> is actually a dot-separated
+    list of device bundles. The first one is as-described in
+    <a class="Xr" href="zfs-fido2-change-key.8.html">zfs-fido2-change-key(8)</a>.
+    Subsequent ones also include (identically-encoded) IVs and encrypted
+  blobs.</p>
+<p class="Pp"><a class="Xr" href="zfs-fido2-load-key.8.html">zfs-fido2-load-key(8)</a>
+    shops assertions around devices in a device-major order &#x2014; depending
+    on device numbering, a backup may be loaded even if the primary device is
+    present.</p>
+</section>
+<section class="Sh">
+<h1 class="Sh" id="ENVIRONMENT_VARIABLES"><a class="permalink" href="#ENVIRONMENT_VARIABLES">ENVIRONMENT
+  VARIABLES</a></h1>
+<dl class="Bl-tag Bl-compact">
+  <dt id="TZPFMS_PASSPHRASE_HELPER"><a class="permalink" href="#TZPFMS_PASSPHRASE_HELPER"><code class="Ev">TZPFMS_PASSPHRASE_HELPER</code></a></dt>
+  <dd>By default, passphrases are prompted for and read in on the standard
+      output and input streams. If
+      <code class="Ev">TZPFMS_PASSPHRASE_HELPER</code> is set and nonempty, it
+      will be run via <span class="Pa">/bin/</span><code class="Nm">sh</code>
+      <code class="Fl">-c</code> to provide each passphrase, instead.
+    <p class="Pp">The standard output stream of the helper is tied to an
+        anonymous file and used in its entirety as the passphrase, except for a
+        trailing new-line, if any. The arguments are:</p>
+    <div class="Bd-indent">
+    <dl class="Bl-tag Bl-compact">
+      <dt id="$1"><a class="permalink" href="#$1"><code class="Li">$1</code></a></dt>
+      <dd>Pre-formatted noun phrase with all the information below, for use as a
+          prompt</dd>
+      <dt id="$2"><a class="permalink" href="#$2"><code class="Li">$2</code></a></dt>
+      <dd>Either the dataset name or the element of the TPM hierarchy being
+          prompted for</dd>
+      <dt id="$3"><a class="permalink" href="#$3"><code class="Li">$3</code></a></dt>
+      <dd>&quot;new&quot; if this is for a new passphrase, otherwise blank</dd>
+      <dt id="$4"><a class="permalink" href="#$4"><code class="Li">$4</code></a></dt>
+      <dd>&quot;again&quot; if it's the second prompt for that passphrase,
+          otherwise blank</dd>
+    </dl>
+    </div>
+    <p class="Pp" id="127">If the helper doesn't exist (the shell exits with
+        <a class="permalink" href="#127"><b class="Sy">127</b></a>), a
+        diagnostic is issued and the normal prompt is used as fall-back. If it
+        fails for any other reason, the prompting is aborted.</p>
+  </dd>
+</dl>
+</section>
+<section class="Sh">
+<h1 class="Sh" id="FIDO2_back-end_configuration"><a class="permalink" href="#FIDO2_back-end_configuration">FIDO2
+  back-end configuration</a></h1>
+<section class="Ss">
+<h2 class="Ss" id="Environment_variables"><a class="permalink" href="#Environment_variables">Environment
+  variables</a></h2>
+<dl class="Bl-tag Bl-compact">
+  <dt id="FIDO_DEBUG"><a class="permalink" href="#FIDO_DEBUG"><code class="Ev">FIDO_DEBUG</code></a></dt>
+  <dd>If set, enables libfido2 debug logging to the standard error stream.</dd>
+</dl>
+</section>
+<section class="Ss">
+<h2 class="Ss" id="Device_selection"><a class="permalink" href="#Device_selection">Device
+  selection</a></h2>
+<p class="Pp">When creating, the first device which supports the
+    &#x2018;<code class="Li">hmac-secret</code>&#x2019; extension is used. When
+    loading, the assertion is shopped around to every such device.</p>
+</section>
+<section class="Ss">
+<h2 class="Ss" id="See_also"><a class="permalink" href="#See_also">See
+  also</a></h2>
+<p class="Pp">The libfido2 documentation at
+    <a class="Lk" href="https://developers.yubico.com/libfido2/">https://developers.yubico.com/libfido2/</a>.</p>
+</section>
+</section>
+<section class="Sh">
+<h1 class="Sh" id="SPECIAL_THANKS"><a class="permalink" href="#SPECIAL_THANKS">SPECIAL
+  THANKS</a></h1>
+<p class="Pp">To all who support further development, in particular:</p>
+<ul class="Bl-bullet Bd-indent Bl-compact">
+  <li>ThePhD</li>
+  <li>Embark Studios</li>
+  <li>Jasper Bekkers</li>
+  <li>EvModder</li>
+</ul>
+</section>
+<section class="Sh">
+<h1 class="Sh" id="REPORTING_BUGS"><a class="permalink" href="#REPORTING_BUGS">REPORTING
+  BUGS</a></h1>
+<p class="Pp"><a class="Lk" href="https://todo.sr.ht/~nabijaczleweli/fzifdso">https://todo.sr.ht/~nabijaczleweli/fzifdso</a></p>
+<p class="Pp"><a class="Mt" href="mailto:~nabijaczleweli/tzpfms@lists.sr.ht">~nabijaczleweli/tzpfms@lists.sr.ht</a>,
+    archived at
+    <a class="Lk" href="https://lists.sr.ht/~nabijaczleweli/tzpfms">https://lists.sr.ht/~nabijaczleweli/tzpfms</a>.</p>
+</section>
+</div>
+<table class="foot">
+  <tr>
+    <td class="foot-date">February 29, 2024</td>
+    <td class="foot-os">fzifdso 0</td>
+  </tr>
+</table>
+</body>
+</html>
diff --git a/zfs-fido2-change-key.8 b/zfs-fido2-change-key.8
new file mode 100644
index 0000000..6bd3f57
--- /dev/null
+++ b/zfs-fido2-change-key.8
@@ -0,0 +1,186 @@
+.\" SPDX-License-Identifier: MIT
+.
+.Dd February 29, 2024
+.ds doc-volume-operating-system
+.Dt ZFS-FIDO2-CHANGE-KEY 8
+.Os fzifdso 0
+.
+.Sh NAME
+.Nm zfs-fido2-change-key
+.Nd change ZFS dataset key to one authenticated by a FIDO2 device
+.Sh SYNOPSIS
+.Nm
+.Op Fl b Ar backup-file
+.Ar dataset
+.
+.Sh DESCRIPTION
+To normalise the
+.Ar dataset ,
+.Nm
+will open its encryption root in its stead.
+.Nm
+will
+.Em never
+create or destroy encryption roots; use
+.Xr zfs-change-key 8
+for that.
+.Pp
+First, a connection is made to the FIDO2 device, which
+.Em must
+support the
+.Ql hmac-secret
+extension.
+.Pp
+If
+.Ar dataset
+was previously encrypted with
+.Nm fzifdso
+and the
+.Sy FIDO2
+back-end was used, the metadata will be silently cleared.
+Otherwise, or in case of an error, data required for manual intervention will be written to the standard error stream.
+.Pp
+Next, a new credential of type ES256 is generated on the device (with relying party ID
+.Li fzifdso
+and name equal to the dataset name)
+with the
+.Ql hmac-secret
+extension requested; the device PIN, if any, is prompted for here.
+This mimicks a WebAuthn registration step.
+.Pp
+Then, the credential is asserted with a 32-byte random salt,
+which hashes it with device-private data, and thus generates the wrapping key
+.Pq which is optionally backed up Pq see Sx OPTIONS .
+This mimicks a WebAuthn login step.
+.Pp
+The following properties are set on
+.Ar dataset :
+.Bl -bullet -compact -offset 4n -width "@"
+.It
+.Li xyz.nabijaczleweli:tzpfms.backend Ns = Ns Sy FIDO2
+.It
+.Li xyz.nabijaczleweli:tzpfms.key Ns = Ns Ar salt Ns Cm :\:\& Ns Ar credential-ID Ns Cm :\:\& Ns Ar credential-public-key Ns Oo Cm \&. Ns … Oc Ns …
+.El
+.Pp
+.Li tzpfms.backend
+identifies this dataset for work with
+.Sy FIDO2 Ns -back-ended
+.Nm tzpfms
+tools
+.Pq i.e. Nm fzifdso Xr zfs-fido2-change-key 8 , Xr zfs-fido2-load-key 8 , Xr zfs-fido2-add-backup 8 , and Xr zfs-fido2-clear-key 8 .
+.Pp
+.Li tzpfms.key
+is a colon-separated tuple of unpadded URL-safe base64 blobs;
+the first one is the random salt;
+the second represents the ID of created credential,
+and the third \(en its public key.
+There exists no other user-land tool for deciphering this; perhaps there should be.
+.\"" TODO: make an LD_PRELOADable for extracting the key maybe?
+.Pp
+Finally, the equivalent of
+.Nm zfs Cm change-key Fl o Li keylocation=prompt Fl o Li keyformat=raw Ar dataset
+is performed with the new key.
+If an error occurred, best effort is made to clean up the properties,
+or to issue a note for manual intervention into the standard error stream.
+.Pp
+A final verification should be made by running
+.Nm zfs-fido2-load-key Fl n Ar dataset .
+If that command succeeds, all is well,
+but otherwise the dataset can be manually rolled back to a passphrase with
+.Nm zfs-fido2-clear-key Ar dataset
+.Pq or, if that fails to work, Nm zfs Cm change-key Fl o Li keyformat=passphrase Ar dataset ,
+and you are hereby asked to report a bug, please.
+.Pp
+.Nm zfs-fido2-clear-key Ar dataset
+can be used to clear the properties and go back to using a passphrase.
+.
+.Sh OPTIONS
+.Bl -tag -compact -width ".Fl b Ar backup-file"
+.It Fl b Ar backup-file
+Save a back-up of the key to
+.Ar backup-file ,
+which must not exist beforehand.
+This back-up
+.Em must
+be stored securely, off-site.
+In case of a catastrophic event, the key can be loaded by running
+.Dl Nm zfs Cm load-key Ar dataset Li < Ar backup-file
+.El
+.
+.\" SPDX-License-Identifier: MIT
+.
+.Sh ENVIRONMENT VARIABLES
+.Bl -tag -compact -width 4n
+.It Ev TZPFMS_PASSPHRASE_HELPER
+By default, passphrases are prompted for and read in on the standard output and input streams.
+If
+.Ev TZPFMS_PASSPHRASE_HELPER
+is set and nonempty, it will be run via
+.Pa /bin/ Ns Nm sh Fl c
+to provide each passphrase, instead.
+.Pp
+The standard output stream of the helper is tied to an anonymous file and used in its entirety as the passphrase, except for a trailing new-line, if any.
+The arguments are:
+.Bl -tag -compact -offset 2n -width ".Li $1"
+.It Li $1
+Pre-formatted noun phrase with all the information below, for use as a prompt
+.\" Passphrase for tarta-zoot
+.\" New passphrase for tarta-zoot (again)
+.It Li $2
+Either the dataset name or the element of the TPM hierarchy being prompted for
+.It Li $3
+.Qq new
+if this is for a new passphrase, otherwise blank
+.It Li $4
+.Qq again
+if it's the second prompt for that passphrase, otherwise blank
+.El
+.Pp
+If the helper doesn't exist
+.Pq the shell exits with Sy 127 ,
+a diagnostic is issued and the normal prompt is used as fall-back.
+If it fails for any other reason, the prompting is aborted.
+.
+.
+.El
+.
+.\" SPDX-License-Identifier: MIT
+.
+.Sh FIDO2 back-end configuration
+.Ss Environment variables
+.Bl -tag -compact -width ".Ev FIDO_DEBUG"
+.It Ev FIDO_DEBUG
+If set, enables libfido2 debug logging to the standard error stream.
+.El
+.
+.Ss Device selection
+When creating, the first device which supports the
+.Ql hmac-secret
+extension is used.
+When loading, the assertion is shopped around to every such device.
+.
+.Ss See also
+The libfido2 documentation at
+.Lk https:/\&/developers.yubico.com/libfido2/ .
+.
+.\" SPDX-License-Identifier: MIT
+.
+.Sh SPECIAL THANKS
+To all who support further development, in particular:
+.Bl -bullet -offset 4n -compact -width "@"
+.It
+ThePhD
+.It
+Embark Studios
+.It
+Jasper Bekkers
+.It
+EvModder
+.El
+.
+.Sh REPORTING BUGS
+.Lk https:/\&/todo.sr.ht/\(tinabijaczleweli/fzifdso
+.Pp
+.Mt \(tinabijaczleweli/tzpfms@lists.sr.ht ,
+archived at
+.Lk https:/\&/lists.sr.ht/\(tinabijaczleweli/tzpfms .
diff --git a/zfs-fido2-change-key.8.html b/zfs-fido2-change-key.8.html
new file mode 100644
index 0000000..68ea232
--- /dev/null
+++ b/zfs-fido2-change-key.8.html
@@ -0,0 +1,206 @@
+<!DOCTYPE html>
+<html>
+<!-- This is an automatically generated file.  Do not edit.
+   SPDX-License-Identifier: MIT
+ -->
+<head>
+  <meta charset="utf-8"/>
+  <meta name="viewport" content="width=device-width, initial-scale=1.0"/>
+  <link rel="stylesheet" href="style.css" type="text/css" media="all"/>
+  <title>ZFS-FIDO2-CHANGE-KEY(8)</title>
+</head>
+<body>
+<table class="head">
+  <tr>
+    <td class="head-ltitle">ZFS-FIDO2-CHANGE-KEY(8)</td>
+    <td class="head-vol">System Manager's Manual</td>
+    <td class="head-rtitle">ZFS-FIDO2-CHANGE-KEY(8)</td>
+  </tr>
+</table>
+<div class="manual-text">
+<section class="Sh">
+<h1 class="Sh" id="NAME"><a class="permalink" href="#NAME">NAME</a></h1>
+<p class="Pp"><code class="Nm">zfs-fido2-change-key</code> &#x2014;
+    <span class="Nd">change ZFS dataset key to one authenticated by a FIDO2
+    device</span></p>
+</section>
+<section class="Sh">
+<h1 class="Sh" id="SYNOPSIS"><a class="permalink" href="#SYNOPSIS">SYNOPSIS</a></h1>
+<table class="Nm">
+  <tr>
+    <td><code class="Nm">zfs-fido2-change-key</code></td>
+    <td>[<code class="Fl">-b</code> <var class="Ar">backup-file</var>]
+      <var class="Ar">dataset</var></td>
+  </tr>
+</table>
+</section>
+<section class="Sh">
+<h1 class="Sh" id="DESCRIPTION"><a class="permalink" href="#DESCRIPTION">DESCRIPTION</a></h1>
+<p class="Pp">To normalise the <var class="Ar">dataset</var>,
+    <code class="Nm">zfs-fido2-change-key</code> will open its encryption root
+    in its stead. <code class="Nm">zfs-fido2-change-key</code> will
+    <a class="permalink" href="#never"><i class="Em" id="never">never</i></a>
+    create or destroy encryption roots; use
+    <a class="Xr" href="https://manpages.debian.org/bookworm/zfs-change-key.8">zfs-change-key(8)</a>
+    for that.</p>
+<p class="Pp">First, a connection is made to the FIDO2 device, which
+    <i class="Em">must</i> support the
+    &#x2018;<code class="Li">hmac-secret</code>&#x2019; extension.</p>
+<p class="Pp">If <var class="Ar">dataset</var> was previously encrypted with
+    <code class="Nm">fzifdso</code> and the <b class="Sy">FIDO2</b> back-end was
+    used, the metadata will be silently cleared. Otherwise, or in case of an
+    error, data required for manual intervention will be written to the standard
+    error stream.</p>
+<p class="Pp">Next, a new credential of type ES256 is generated on the device
+    (with relying party ID <code class="Li">fzifdso</code> and name equal to the
+    dataset name) with the &#x2018;<code class="Li">hmac-secret</code>&#x2019;
+    extension requested; the device PIN, if any, is prompted for here. This
+    mimicks a WebAuthn registration step.</p>
+<p class="Pp">Then, the credential is asserted with a 32-byte random salt, which
+    hashes it with device-private data, and thus generates the wrapping key
+    (which is optionally backed up (see
+    <a class="Sx" href="#OPTIONS">OPTIONS</a>)). This mimicks a WebAuthn login
+    step.</p>
+<p class="Pp">The following properties are set on
+  <var class="Ar">dataset</var>:</p>
+<ul class="Bl-bullet Bd-indent Bl-compact">
+  <li id="xyz.nabijaczleweli:tzpfms.backend"><a class="permalink" href="#xyz.nabijaczleweli:tzpfms.backend"><code class="Li">xyz.nabijaczleweli:tzpfms.backend</code></a>=<b class="Sy">FIDO2</b></li>
+  <li id="xyz.nabijaczleweli:tzpfms.key"><a class="permalink" href="#xyz.nabijaczleweli:tzpfms.key"><code class="Li">xyz.nabijaczleweli:tzpfms.key</code></a>=<var class="Ar">salt</var><code class="Cm">:</code><var class="Ar">credential-ID</var><code class="Cm">:</code><var class="Ar">credential-public-key</var>[<code class="Cm">.</code>&#x2026;]&#x2026;</li>
+</ul>
+<p class="Pp"><code class="Li">tzpfms.backend</code> identifies this dataset for
+    work with <b class="Sy">FIDO2</b>-back-ended <code class="Nm">tzpfms</code>
+    tools (i.e. <code class="Nm">fzifdso</code>
+    <a class="Xr" href="zfs-fido2-change-key.8.html">zfs-fido2-change-key(8)</a>,
+    <a class="Xr" href="zfs-fido2-load-key.8.html">zfs-fido2-load-key(8)</a>,
+    <a class="Xr" href="zfs-fido2-add-backup.8.html">zfs-fido2-add-backup(8)</a>,
+    and
+    <a class="Xr" href="zfs-fido2-clear-key.8.html">zfs-fido2-clear-key(8)</a>).</p>
+<p class="Pp"><code class="Li">tzpfms.key</code> is a colon-separated tuple of
+    unpadded URL-safe base64 blobs; the first one is the random salt; the second
+    represents the ID of created credential, and the third &#x2013; its public
+    key. There exists no other user-land tool for deciphering this; perhaps
+    there should be.</p>
+<p class="Pp">Finally, the equivalent of <code class="Nm">zfs</code>
+    <code class="Cm">change-key</code> <code class="Fl">-o</code>
+    <code class="Li">keylocation=prompt</code> <code class="Fl">-o</code>
+    <code class="Li">keyformat=raw</code> <var class="Ar">dataset</var> is
+    performed with the new key. If an error occurred, best effort is made to
+    clean up the properties, or to issue a note for manual intervention into the
+    standard error stream.</p>
+<p class="Pp">A final verification should be made by running
+    <code class="Nm">zfs-fido2-load-key</code> <code class="Fl">-n</code>
+    <var class="Ar">dataset</var>. If that command succeeds, all is well, but
+    otherwise the dataset can be manually rolled back to a passphrase with
+    <code class="Nm">zfs-fido2-clear-key</code> <var class="Ar">dataset</var>
+    (or, if that fails to work, <code class="Nm">zfs</code>
+    <code class="Cm">change-key</code> <code class="Fl">-o</code>
+    <code class="Li">keyformat=passphrase</code> <var class="Ar">dataset</var>),
+    and you are hereby asked to report a bug, please.</p>
+<p class="Pp"><code class="Nm">zfs-fido2-clear-key</code>
+    <var class="Ar">dataset</var> can be used to clear the properties and go
+    back to using a passphrase.</p>
+</section>
+<section class="Sh">
+<h1 class="Sh" id="OPTIONS"><a class="permalink" href="#OPTIONS">OPTIONS</a></h1>
+<dl class="Bl-tag Bl-compact">
+  <dt id="b"><a class="permalink" href="#b"><code class="Fl">-b</code></a>
+    <var class="Ar">backup-file</var></dt>
+  <dd>Save a back-up of the key to <var class="Ar">backup-file</var>, which must
+      not exist beforehand. This back-up <i class="Em">must</i> be stored
+      securely, off-site. In case of a catastrophic event, the key can be loaded
+      by running
+    <div class="Bd Bd-indent"><code class="Li"><code class="Nm">zfs</code>
+      <code class="Cm">load-key</code> <var class="Ar">dataset</var>
+      <code class="Li">&lt;</code>
+      <var class="Ar">backup-file</var></code></div>
+  </dd>
+</dl>
+</section>
+<section class="Sh">
+<h1 class="Sh" id="ENVIRONMENT_VARIABLES"><a class="permalink" href="#ENVIRONMENT_VARIABLES">ENVIRONMENT
+  VARIABLES</a></h1>
+<dl class="Bl-tag Bl-compact">
+  <dt id="TZPFMS_PASSPHRASE_HELPER"><a class="permalink" href="#TZPFMS_PASSPHRASE_HELPER"><code class="Ev">TZPFMS_PASSPHRASE_HELPER</code></a></dt>
+  <dd>By default, passphrases are prompted for and read in on the standard
+      output and input streams. If
+      <code class="Ev">TZPFMS_PASSPHRASE_HELPER</code> is set and nonempty, it
+      will be run via <span class="Pa">/bin/</span><code class="Nm">sh</code>
+      <code class="Fl">-c</code> to provide each passphrase, instead.
+    <p class="Pp">The standard output stream of the helper is tied to an
+        anonymous file and used in its entirety as the passphrase, except for a
+        trailing new-line, if any. The arguments are:</p>
+    <div class="Bd-indent">
+    <dl class="Bl-tag Bl-compact">
+      <dt id="$1"><a class="permalink" href="#$1"><code class="Li">$1</code></a></dt>
+      <dd>Pre-formatted noun phrase with all the information below, for use as a
+          prompt</dd>
+      <dt id="$2"><a class="permalink" href="#$2"><code class="Li">$2</code></a></dt>
+      <dd>Either the dataset name or the element of the TPM hierarchy being
+          prompted for</dd>
+      <dt id="$3"><a class="permalink" href="#$3"><code class="Li">$3</code></a></dt>
+      <dd>&quot;new&quot; if this is for a new passphrase, otherwise blank</dd>
+      <dt id="$4"><a class="permalink" href="#$4"><code class="Li">$4</code></a></dt>
+      <dd>&quot;again&quot; if it's the second prompt for that passphrase,
+          otherwise blank</dd>
+    </dl>
+    </div>
+    <p class="Pp" id="127">If the helper doesn't exist (the shell exits with
+        <a class="permalink" href="#127"><b class="Sy">127</b></a>), a
+        diagnostic is issued and the normal prompt is used as fall-back. If it
+        fails for any other reason, the prompting is aborted.</p>
+  </dd>
+</dl>
+</section>
+<section class="Sh">
+<h1 class="Sh" id="FIDO2_back-end_configuration"><a class="permalink" href="#FIDO2_back-end_configuration">FIDO2
+  back-end configuration</a></h1>
+<section class="Ss">
+<h2 class="Ss" id="Environment_variables"><a class="permalink" href="#Environment_variables">Environment
+  variables</a></h2>
+<dl class="Bl-tag Bl-compact">
+  <dt id="FIDO_DEBUG"><a class="permalink" href="#FIDO_DEBUG"><code class="Ev">FIDO_DEBUG</code></a></dt>
+  <dd>If set, enables libfido2 debug logging to the standard error stream.</dd>
+</dl>
+</section>
+<section class="Ss">
+<h2 class="Ss" id="Device_selection"><a class="permalink" href="#Device_selection">Device
+  selection</a></h2>
+<p class="Pp">When creating, the first device which supports the
+    &#x2018;<code class="Li">hmac-secret</code>&#x2019; extension is used. When
+    loading, the assertion is shopped around to every such device.</p>
+</section>
+<section class="Ss">
+<h2 class="Ss" id="See_also"><a class="permalink" href="#See_also">See
+  also</a></h2>
+<p class="Pp">The libfido2 documentation at
+    <a class="Lk" href="https://developers.yubico.com/libfido2/">https://developers.yubico.com/libfido2/</a>.</p>
+</section>
+</section>
+<section class="Sh">
+<h1 class="Sh" id="SPECIAL_THANKS"><a class="permalink" href="#SPECIAL_THANKS">SPECIAL
+  THANKS</a></h1>
+<p class="Pp">To all who support further development, in particular:</p>
+<ul class="Bl-bullet Bd-indent Bl-compact">
+  <li>ThePhD</li>
+  <li>Embark Studios</li>
+  <li>Jasper Bekkers</li>
+  <li>EvModder</li>
+</ul>
+</section>
+<section class="Sh">
+<h1 class="Sh" id="REPORTING_BUGS"><a class="permalink" href="#REPORTING_BUGS">REPORTING
+  BUGS</a></h1>
+<p class="Pp"><a class="Lk" href="https://todo.sr.ht/~nabijaczleweli/fzifdso">https://todo.sr.ht/~nabijaczleweli/fzifdso</a></p>
+<p class="Pp"><a class="Mt" href="mailto:~nabijaczleweli/tzpfms@lists.sr.ht">~nabijaczleweli/tzpfms@lists.sr.ht</a>,
+    archived at
+    <a class="Lk" href="https://lists.sr.ht/~nabijaczleweli/tzpfms">https://lists.sr.ht/~nabijaczleweli/tzpfms</a>.</p>
+</section>
+</div>
+<table class="foot">
+  <tr>
+    <td class="foot-date">February 29, 2024</td>
+    <td class="foot-os">fzifdso 0</td>
+  </tr>
+</table>
+</body>
+</html>
diff --git a/zfs-fido2-clear-key.8 b/zfs-fido2-clear-key.8
new file mode 100644
index 0000000..dd2a76c
--- /dev/null
+++ b/zfs-fido2-clear-key.8
@@ -0,0 +1,113 @@
+.\" SPDX-License-Identifier: MIT
+.
+.Dd February 28, 2024
+.ds doc-volume-operating-system
+.Dt ZFS-FIDO2-CLEAR-KEY 8
+.Os fzifdso 0
+.
+.Sh NAME
+.Nm zfs-fido2-clear-key
+.Nd rewrap ZFS dataset key in passsword and clear tzpfms FIDO2 metadata
+.Sh SYNOPSIS
+.Nm
+.Ar dataset
+.
+.Sh DESCRIPTION
+After verifying
+.Ar dataset
+was encrypted with
+.Nm tzpfms
+backend
+.Sy FIDO2 :
+.Bl -enum -compact -offset 2n -width 2n
+.It
+performs the equivalent of
+.Nm zfs Cm change-key Fl o Li keylocation=prompt Fl o Li keyformat=passphrase Ar dataset ,
+.It
+removes the
+.Li xyz.nabijaczleweli:tzpfms.\& Ns Brq Li backend , key
+properties from
+.Ar dataset .
+.El
+.Pp
+See
+.Xr zfs-fido2-change-key 8
+for a detailed description.
+.
+.\" SPDX-License-Identifier: MIT
+.
+.Sh ENVIRONMENT VARIABLES
+.Bl -tag -compact -width 4n
+.It Ev TZPFMS_PASSPHRASE_HELPER
+By default, passphrases are prompted for and read in on the standard output and input streams.
+If
+.Ev TZPFMS_PASSPHRASE_HELPER
+is set and nonempty, it will be run via
+.Pa /bin/ Ns Nm sh Fl c
+to provide each passphrase, instead.
+.Pp
+The standard output stream of the helper is tied to an anonymous file and used in its entirety as the passphrase, except for a trailing new-line, if any.
+The arguments are:
+.Bl -tag -compact -offset 2n -width ".Li $1"
+.It Li $1
+Pre-formatted noun phrase with all the information below, for use as a prompt
+.\" Passphrase for tarta-zoot
+.\" New passphrase for tarta-zoot (again)
+.It Li $2
+Either the dataset name or the element of the TPM hierarchy being prompted for
+.It Li $3
+.Qq new
+if this is for a new passphrase, otherwise blank
+.It Li $4
+.Qq again
+if it's the second prompt for that passphrase, otherwise blank
+.El
+.Pp
+If the helper doesn't exist
+.Pq the shell exits with Sy 127 ,
+a diagnostic is issued and the normal prompt is used as fall-back.
+If it fails for any other reason, the prompting is aborted.
+.
+.
+.El
+.
+.\" SPDX-License-Identifier: MIT
+.
+.Sh FIDO2 back-end configuration
+.Ss Environment variables
+.Bl -tag -compact -width ".Ev FIDO_DEBUG"
+.It Ev FIDO_DEBUG
+If set, enables libfido2 debug logging to the standard error stream.
+.El
+.
+.Ss Device selection
+When creating, the first device which supports the
+.Ql hmac-secret
+extension is used.
+When loading, the assertion is shopped around to every such device.
+.
+.Ss See also
+The libfido2 documentation at
+.Lk https:/\&/developers.yubico.com/libfido2/ .
+.
+.\" SPDX-License-Identifier: MIT
+.
+.Sh SPECIAL THANKS
+To all who support further development, in particular:
+.Bl -bullet -offset 4n -compact -width "@"
+.It
+ThePhD
+.It
+Embark Studios
+.It
+Jasper Bekkers
+.It
+EvModder
+.El
+.
+.Sh REPORTING BUGS
+.Lk https:/\&/todo.sr.ht/\(tinabijaczleweli/fzifdso
+.Pp
+.Mt \(tinabijaczleweli/tzpfms@lists.sr.ht ,
+archived at
+.Lk https:/\&/lists.sr.ht/\(tinabijaczleweli/tzpfms .
diff --git a/zfs-fido2-clear-key.8.html b/zfs-fido2-clear-key.8.html
new file mode 100644
index 0000000..46e553e
--- /dev/null
+++ b/zfs-fido2-clear-key.8.html
@@ -0,0 +1,143 @@
+<!DOCTYPE html>
+<html>
+<!-- This is an automatically generated file.  Do not edit.
+   SPDX-License-Identifier: MIT
+ -->
+<head>
+  <meta charset="utf-8"/>
+  <meta name="viewport" content="width=device-width, initial-scale=1.0"/>
+  <link rel="stylesheet" href="style.css" type="text/css" media="all"/>
+  <title>ZFS-FIDO2-CLEAR-KEY(8)</title>
+</head>
+<body>
+<table class="head">
+  <tr>
+    <td class="head-ltitle">ZFS-FIDO2-CLEAR-KEY(8)</td>
+    <td class="head-vol">System Manager's Manual</td>
+    <td class="head-rtitle">ZFS-FIDO2-CLEAR-KEY(8)</td>
+  </tr>
+</table>
+<div class="manual-text">
+<section class="Sh">
+<h1 class="Sh" id="NAME"><a class="permalink" href="#NAME">NAME</a></h1>
+<p class="Pp"><code class="Nm">zfs-fido2-clear-key</code> &#x2014;
+    <span class="Nd">rewrap ZFS dataset key in passsword and clear tzpfms FIDO2
+    metadata</span></p>
+</section>
+<section class="Sh">
+<h1 class="Sh" id="SYNOPSIS"><a class="permalink" href="#SYNOPSIS">SYNOPSIS</a></h1>
+<table class="Nm">
+  <tr>
+    <td><code class="Nm">zfs-fido2-clear-key</code></td>
+    <td><var class="Ar">dataset</var></td>
+  </tr>
+</table>
+</section>
+<section class="Sh">
+<h1 class="Sh" id="DESCRIPTION"><a class="permalink" href="#DESCRIPTION">DESCRIPTION</a></h1>
+<p class="Pp">After verifying <var class="Ar">dataset</var> was encrypted with
+    <code class="Nm">tzpfms</code> backend
+    <a class="permalink" href="#FIDO2"><b class="Sy" id="FIDO2">FIDO2</b></a>:</p>
+<ol class="Bl-enum Bd-indent Bl-compact">
+  <li>performs the equivalent of <code class="Nm">zfs</code>
+      <code class="Cm">change-key</code> <code class="Fl">-o</code>
+      <code class="Li">keylocation=prompt</code> <code class="Fl">-o</code>
+      <code class="Li">keyformat=passphrase</code>
+      <var class="Ar">dataset</var>,</li>
+  <li>removes the
+      <code class="Li">xyz.nabijaczleweli:tzpfms.</code>{<code class="Li">backend</code>,
+      <code class="Li">key</code>} properties from
+      <var class="Ar">dataset</var>.</li>
+</ol>
+<p class="Pp">See
+    <a class="Xr" href="zfs-fido2-change-key.8.html">zfs-fido2-change-key(8)</a>
+    for a detailed description.</p>
+</section>
+<section class="Sh">
+<h1 class="Sh" id="ENVIRONMENT_VARIABLES"><a class="permalink" href="#ENVIRONMENT_VARIABLES">ENVIRONMENT
+  VARIABLES</a></h1>
+<dl class="Bl-tag Bl-compact">
+  <dt id="TZPFMS_PASSPHRASE_HELPER"><a class="permalink" href="#TZPFMS_PASSPHRASE_HELPER"><code class="Ev">TZPFMS_PASSPHRASE_HELPER</code></a></dt>
+  <dd>By default, passphrases are prompted for and read in on the standard
+      output and input streams. If
+      <code class="Ev">TZPFMS_PASSPHRASE_HELPER</code> is set and nonempty, it
+      will be run via <span class="Pa">/bin/</span><code class="Nm">sh</code>
+      <code class="Fl">-c</code> to provide each passphrase, instead.
+    <p class="Pp">The standard output stream of the helper is tied to an
+        anonymous file and used in its entirety as the passphrase, except for a
+        trailing new-line, if any. The arguments are:</p>
+    <div class="Bd-indent">
+    <dl class="Bl-tag Bl-compact">
+      <dt id="$1"><a class="permalink" href="#$1"><code class="Li">$1</code></a></dt>
+      <dd>Pre-formatted noun phrase with all the information below, for use as a
+          prompt</dd>
+      <dt id="$2"><a class="permalink" href="#$2"><code class="Li">$2</code></a></dt>
+      <dd>Either the dataset name or the element of the TPM hierarchy being
+          prompted for</dd>
+      <dt id="$3"><a class="permalink" href="#$3"><code class="Li">$3</code></a></dt>
+      <dd>&quot;new&quot; if this is for a new passphrase, otherwise blank</dd>
+      <dt id="$4"><a class="permalink" href="#$4"><code class="Li">$4</code></a></dt>
+      <dd>&quot;again&quot; if it's the second prompt for that passphrase,
+          otherwise blank</dd>
+    </dl>
+    </div>
+    <p class="Pp" id="127">If the helper doesn't exist (the shell exits with
+        <a class="permalink" href="#127"><b class="Sy">127</b></a>), a
+        diagnostic is issued and the normal prompt is used as fall-back. If it
+        fails for any other reason, the prompting is aborted.</p>
+  </dd>
+</dl>
+</section>
+<section class="Sh">
+<h1 class="Sh" id="FIDO2_back-end_configuration"><a class="permalink" href="#FIDO2_back-end_configuration">FIDO2
+  back-end configuration</a></h1>
+<section class="Ss">
+<h2 class="Ss" id="Environment_variables"><a class="permalink" href="#Environment_variables">Environment
+  variables</a></h2>
+<dl class="Bl-tag Bl-compact">
+  <dt id="FIDO_DEBUG"><a class="permalink" href="#FIDO_DEBUG"><code class="Ev">FIDO_DEBUG</code></a></dt>
+  <dd>If set, enables libfido2 debug logging to the standard error stream.</dd>
+</dl>
+</section>
+<section class="Ss">
+<h2 class="Ss" id="Device_selection"><a class="permalink" href="#Device_selection">Device
+  selection</a></h2>
+<p class="Pp">When creating, the first device which supports the
+    &#x2018;<code class="Li">hmac-secret</code>&#x2019; extension is used. When
+    loading, the assertion is shopped around to every such device.</p>
+</section>
+<section class="Ss">
+<h2 class="Ss" id="See_also"><a class="permalink" href="#See_also">See
+  also</a></h2>
+<p class="Pp">The libfido2 documentation at
+    <a class="Lk" href="https://developers.yubico.com/libfido2/">https://developers.yubico.com/libfido2/</a>.</p>
+</section>
+</section>
+<section class="Sh">
+<h1 class="Sh" id="SPECIAL_THANKS"><a class="permalink" href="#SPECIAL_THANKS">SPECIAL
+  THANKS</a></h1>
+<p class="Pp">To all who support further development, in particular:</p>
+<ul class="Bl-bullet Bd-indent Bl-compact">
+  <li>ThePhD</li>
+  <li>Embark Studios</li>
+  <li>Jasper Bekkers</li>
+  <li>EvModder</li>
+</ul>
+</section>
+<section class="Sh">
+<h1 class="Sh" id="REPORTING_BUGS"><a class="permalink" href="#REPORTING_BUGS">REPORTING
+  BUGS</a></h1>
+<p class="Pp"><a class="Lk" href="https://todo.sr.ht/~nabijaczleweli/fzifdso">https://todo.sr.ht/~nabijaczleweli/fzifdso</a></p>
+<p class="Pp"><a class="Mt" href="mailto:~nabijaczleweli/tzpfms@lists.sr.ht">~nabijaczleweli/tzpfms@lists.sr.ht</a>,
+    archived at
+    <a class="Lk" href="https://lists.sr.ht/~nabijaczleweli/tzpfms">https://lists.sr.ht/~nabijaczleweli/tzpfms</a>.</p>
+</section>
+</div>
+<table class="foot">
+  <tr>
+    <td class="foot-date">February 28, 2024</td>
+    <td class="foot-os">fzifdso 0</td>
+  </tr>
+</table>
+</body>
+</html>
diff --git a/zfs-fido2-load-key.8 b/zfs-fido2-load-key.8
new file mode 100644
index 0000000..247ca04
--- /dev/null
+++ b/zfs-fido2-load-key.8
@@ -0,0 +1,98 @@
+.\" SPDX-License-Identifier: MIT
+.
+.Dd February 28, 2024
+.ds doc-volume-operating-system
+.Dt ZFS-FIDO2-LOAD-KEY 8
+.Os fzifdso 0
+.
+.Sh NAME
+.Nm zfs-fido2-load-key
+.Nd load FIDO2-encrypted ZFS dataset key
+.Sh SYNOPSIS
+.Nm
+.Op Fl n
+.Ar dataset
+.
+.Sh DESCRIPTION
+After verifying
+.Ar dataset
+was encrypted with
+.Nm tzpfms
+backend
+.Sy FIDO2 ,
+asserts the preserved challenge, HMACking the salt with the on-device secret, and loads the resulting key into
+.Ar dataset .
+.Pp
+See
+.Xr zfs-fido2-change-key 8
+for a detailed description.
+.
+.Sh OPTIONS
+.Bl -tag -compact -width ".Fl n"
+.It Fl n
+Do a no-op/dry run, can be used even if the key is already loaded.
+Equivalent to
+.Nm zfs Cm load-key Ns 's
+.Fl n
+option.
+.El
+.
+.\" SPDX-License-Identifier: MIT
+.
+.Sh ENVIRONMENT VARIABLES
+.Bl -tag -compact -width 4n
+.It Ev TZPFMS_PASSPHRASE_HELPER
+By default, passphrases are prompted for and read in on the standard output and input streams.
+If
+.Ev TZPFMS_PASSPHRASE_HELPER
+is set and nonempty, it will be run via
+.Pa /bin/ Ns Nm sh Fl c
+to provide each passphrase, instead.
+.Pp
+The standard output stream of the helper is tied to an anonymous file and used in its entirety as the passphrase, except for a trailing new-line, if any.
+The arguments are:
+.Bl -tag -compact -offset 2n -width ".Li $1"
+.It Li $1
+Pre-formatted noun phrase with all the information below, for use as a prompt
+.\" Passphrase for tarta-zoot
+.\" New passphrase for tarta-zoot (again)
+.It Li $2
+Either the dataset name or the element of the TPM hierarchy being prompted for
+.It Li $3
+.Qq new
+if this is for a new passphrase, otherwise blank
+.It Li $4
+.Qq again
+if it's the second prompt for that passphrase, otherwise blank
+.El
+.Pp
+If the helper doesn't exist
+.Pq the shell exits with Sy 127 ,
+a diagnostic is issued and the normal prompt is used as fall-back.
+If it fails for any other reason, the prompting is aborted.
+.
+.
+.El
+.
+.
+.\" SPDX-License-Identifier: MIT
+.
+.Sh SPECIAL THANKS
+To all who support further development, in particular:
+.Bl -bullet -offset 4n -compact -width "@"
+.It
+ThePhD
+.It
+Embark Studios
+.It
+Jasper Bekkers
+.It
+EvModder
+.El
+.
+.Sh REPORTING BUGS
+.Lk https:/\&/todo.sr.ht/\(tinabijaczleweli/fzifdso
+.Pp
+.Mt \(tinabijaczleweli/tzpfms@lists.sr.ht ,
+archived at
+.Lk https:/\&/lists.sr.ht/\(tinabijaczleweli/tzpfms .
diff --git a/zfs-fido2-load-key.8.html b/zfs-fido2-load-key.8.html
new file mode 100644
index 0000000..ffc6446
--- /dev/null
+++ b/zfs-fido2-load-key.8.html
@@ -0,0 +1,117 @@
+<!DOCTYPE html>
+<html>
+<!-- This is an automatically generated file.  Do not edit.
+   SPDX-License-Identifier: MIT
+ -->
+<head>
+  <meta charset="utf-8"/>
+  <meta name="viewport" content="width=device-width, initial-scale=1.0"/>
+  <link rel="stylesheet" href="style.css" type="text/css" media="all"/>
+  <title>ZFS-FIDO2-LOAD-KEY(8)</title>
+</head>
+<body>
+<table class="head">
+  <tr>
+    <td class="head-ltitle">ZFS-FIDO2-LOAD-KEY(8)</td>
+    <td class="head-vol">System Manager's Manual</td>
+    <td class="head-rtitle">ZFS-FIDO2-LOAD-KEY(8)</td>
+  </tr>
+</table>
+<div class="manual-text">
+<section class="Sh">
+<h1 class="Sh" id="NAME"><a class="permalink" href="#NAME">NAME</a></h1>
+<p class="Pp"><code class="Nm">zfs-fido2-load-key</code> &#x2014;
+    <span class="Nd">load FIDO2-encrypted ZFS dataset key</span></p>
+</section>
+<section class="Sh">
+<h1 class="Sh" id="SYNOPSIS"><a class="permalink" href="#SYNOPSIS">SYNOPSIS</a></h1>
+<table class="Nm">
+  <tr>
+    <td><code class="Nm">zfs-fido2-load-key</code></td>
+    <td>[<code class="Fl">-n</code>] <var class="Ar">dataset</var></td>
+  </tr>
+</table>
+</section>
+<section class="Sh">
+<h1 class="Sh" id="DESCRIPTION"><a class="permalink" href="#DESCRIPTION">DESCRIPTION</a></h1>
+<p class="Pp">After verifying <var class="Ar">dataset</var> was encrypted with
+    <code class="Nm">tzpfms</code> backend
+    <a class="permalink" href="#FIDO2"><b class="Sy" id="FIDO2">FIDO2</b></a>,
+    asserts the preserved challenge, HMACking the salt with the on-device
+    secret, and loads the resulting key into <var class="Ar">dataset</var>.</p>
+<p class="Pp">See
+    <a class="Xr" href="zfs-fido2-change-key.8.html">zfs-fido2-change-key(8)</a>
+    for a detailed description.</p>
+</section>
+<section class="Sh">
+<h1 class="Sh" id="OPTIONS"><a class="permalink" href="#OPTIONS">OPTIONS</a></h1>
+<dl class="Bl-tag Bl-compact">
+  <dt id="n"><a class="permalink" href="#n"><code class="Fl">-n</code></a></dt>
+  <dd>Do a no-op/dry run, can be used even if the key is already loaded.
+      Equivalent to <code class="Nm">zfs</code>
+      <code class="Cm">load-key</code>'s <code class="Fl">-n</code> option.</dd>
+</dl>
+</section>
+<section class="Sh">
+<h1 class="Sh" id="ENVIRONMENT_VARIABLES"><a class="permalink" href="#ENVIRONMENT_VARIABLES">ENVIRONMENT
+  VARIABLES</a></h1>
+<dl class="Bl-tag Bl-compact">
+  <dt id="TZPFMS_PASSPHRASE_HELPER"><a class="permalink" href="#TZPFMS_PASSPHRASE_HELPER"><code class="Ev">TZPFMS_PASSPHRASE_HELPER</code></a></dt>
+  <dd>By default, passphrases are prompted for and read in on the standard
+      output and input streams. If
+      <code class="Ev">TZPFMS_PASSPHRASE_HELPER</code> is set and nonempty, it
+      will be run via <span class="Pa">/bin/</span><code class="Nm">sh</code>
+      <code class="Fl">-c</code> to provide each passphrase, instead.
+    <p class="Pp">The standard output stream of the helper is tied to an
+        anonymous file and used in its entirety as the passphrase, except for a
+        trailing new-line, if any. The arguments are:</p>
+    <div class="Bd-indent">
+    <dl class="Bl-tag Bl-compact">
+      <dt id="$1"><a class="permalink" href="#$1"><code class="Li">$1</code></a></dt>
+      <dd>Pre-formatted noun phrase with all the information below, for use as a
+          prompt</dd>
+      <dt id="$2"><a class="permalink" href="#$2"><code class="Li">$2</code></a></dt>
+      <dd>Either the dataset name or the element of the TPM hierarchy being
+          prompted for</dd>
+      <dt id="$3"><a class="permalink" href="#$3"><code class="Li">$3</code></a></dt>
+      <dd>&quot;new&quot; if this is for a new passphrase, otherwise blank</dd>
+      <dt id="$4"><a class="permalink" href="#$4"><code class="Li">$4</code></a></dt>
+      <dd>&quot;again&quot; if it's the second prompt for that passphrase,
+          otherwise blank</dd>
+    </dl>
+    </div>
+    <p class="Pp" id="127">If the helper doesn't exist (the shell exits with
+        <a class="permalink" href="#127"><b class="Sy">127</b></a>), a
+        diagnostic is issued and the normal prompt is used as fall-back. If it
+        fails for any other reason, the prompting is aborted.</p>
+  </dd>
+</dl>
+</section>
+<section class="Sh">
+<h1 class="Sh" id="SPECIAL_THANKS"><a class="permalink" href="#SPECIAL_THANKS">SPECIAL
+  THANKS</a></h1>
+<p class="Pp">To all who support further development, in particular:</p>
+<ul class="Bl-bullet Bd-indent Bl-compact">
+  <li>ThePhD</li>
+  <li>Embark Studios</li>
+  <li>Jasper Bekkers</li>
+  <li>EvModder</li>
+</ul>
+</section>
+<section class="Sh">
+<h1 class="Sh" id="REPORTING_BUGS"><a class="permalink" href="#REPORTING_BUGS">REPORTING
+  BUGS</a></h1>
+<p class="Pp"><a class="Lk" href="https://todo.sr.ht/~nabijaczleweli/fzifdso">https://todo.sr.ht/~nabijaczleweli/fzifdso</a></p>
+<p class="Pp"><a class="Mt" href="mailto:~nabijaczleweli/tzpfms@lists.sr.ht">~nabijaczleweli/tzpfms@lists.sr.ht</a>,
+    archived at
+    <a class="Lk" href="https://lists.sr.ht/~nabijaczleweli/tzpfms">https://lists.sr.ht/~nabijaczleweli/tzpfms</a>.</p>
+</section>
+</div>
+<table class="foot">
+  <tr>
+    <td class="foot-date">February 28, 2024</td>
+    <td class="foot-os">fzifdso 0</td>
+  </tr>
+</table>
+</body>
+</html>